Date: Fri, 20 Mar 2015 19:14:33 -0700 From: Konstantin Serebryany <konstantin.s.serebryany@...il.com> To: Rich Felker <dalias@...c.org> Cc: musl@...ts.openwall.com Subject: Re: buffer overflow in regcomp and a way to find more of those > > Sorry to keep bombarding you with questions. You are more than welcome! > One more: is it only asan > that needs dynamic linking? If we're willing to drop asan for now and > just rely on musl itself crashing for heap corruption (musl does a > good job of detecting it usually), can the necessary coverage stuff > still work with static linking? I think it can with a reasonable additional work, but not out of the box. The compiler instrumentation in clang clearly does not care about dynamic vs static linking. If you build the source with "-fsanitize=leak -fsanitize-coverage=4 -O1" the compiler will not insert any of the asan instrumentation and only insert calls to a couple of functions needed for coverage. Then, instead of linking with the full asan+coverage run-time, you will need a very simple re-implementation of coverage-only runtime. But, my previous experience with running fuzzers w/o memory bug detectors (asan, or others) suggests that this is a bad idea. Memory bugs tend to accumulate and show up in the following iterations (if at all). > > Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.