[Bug 3441] Build openssh with sanitizer flags enabled
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Jul 1 16:01:23 AEST 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3441
--- Comment #9 from Darren Tucker <dtucker at dtucker.net> ---
I committed a change to configure.ac to skip the check in this case.
With that and the following configure invocation on an unmodified
current source tree I got it to work, at least as far as getting a leak
report from the preauth privsep process. This seems to work for both
gcc and clang, although the reports from clang seem much better.
$ sudo mkdir -p /chroot/proc
$ sudo mount -t proc proc /chroot/proc
$ CC=clang-14 ./configure --disable-security-key --disable-pkcs11
--without-sandbox --with-cflags=-fsanitize=address
--with-ldflags=-fsanitize=address --with-privsep-path=/chroot
--with-privsep-user=root
Obviously, using "root" as the privsep user is not suitable for
production use.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list