[Bug 3441] Build openssh with sanitizer flags enabled

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jul 1 16:01:23 AEST 2022


--- Comment #9 from Darren Tucker <dtucker at dtucker.net> ---
I committed a change to configure.ac to skip the check in this case.

With that and the following configure invocation on an unmodified
current source tree I got it to work, at least as far as getting a leak
report from the preauth privsep process.  This seems to work for both
gcc and clang, although the reports from clang seem much better.

$ sudo mkdir -p /chroot/proc
$ sudo mount -t proc proc /chroot/proc
$ CC=clang-14 ./configure --disable-security-key --disable-pkcs11
--without-sandbox --with-cflags=-fsanitize=address
--with-ldflags=-fsanitize=address --with-privsep-path=/chroot

Obviously, using "root" as the privsep user is not suitable for
production use.

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list