[openssh-commits] [openssh] 01/01: Add clang sanitizer tests.

git+noreply at mindrot.org git+noreply at mindrot.org
Sun Jul 3 22:54:07 AEST 2022 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 7394ed80c4de8b228a43c8956cf2fa1b9c6b2622
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Sun Jul 3 21:46:44 2022 +1000

    Add clang sanitizer tests.
---
 .github/configs             | 45 ++++++++++++++++++++++++++++++++++++++++++++-
 .github/setup_ci.sh         |  3 +++
 .github/workflows/c-cpp.yml |  5 +++++
 openbsd-compat/bsd-misc.c   | 12 ++++++++++++
 4 files changed, 64 insertions(+), 1 deletion(-)

diff --git a/.github/configs b/.github/configs
index 871a3d41..d0ed7395 100755
--- a/.github/configs
+++ b/.github/configs
@@ -17,6 +17,7 @@ SUDO=sudo	# run with sudo by default
 TEST_SSH_UNSAFE_PERMISSIONS=1
 # Stop on first test failure to minimize logs
 TEST_SSH_FAIL_FATAL=yes
+unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
 
 CONFIGFLAGS=""
 LIBCRYPTOFLAGS=""
@@ -41,6 +42,48 @@ case "$config" in
 	CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough -Wno-error=unused-parameter"
 	CONFIGFLAGS="--with-pam --with-Werror"
 	;;
+    clang-sanitize-*)
+	# - We replace chroot with chdir so that the sanitizer in the preauth
+	#   privsep process can read /proc.
+	# - clang does not recognizes explicit_bzero so we use bzero
+	#   (see https://github.com/google/sanitizers/issues/1507
+	# - openssl and zlib trip ASAN.
+	# - sp_pwdp returned by getspnam trips ASAN, hence disabling shadow.
+	case "$config" in
+	clang-sanitize-address)
+	    CFLAGS="-fsanitize=address -fno-omit-frame-pointer"
+	    LDFLAGS="-fsanitize=address"
+	    CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -DASAN_OPTIONS=\"detect_leaks=0:log_path=/tmp/asan.log\"'
+	    CONFIGFLAGS="--without-openssl --without-zlib --without-shadow"
+	    TEST_TARGET="t-exec"
+	    ;;
+	clang-sanitize-memory)
+	    CFLAGS="-fsanitize=memory -fsanitize-memory-track-origins"
+	    LDFLAGS="-fsanitize=memory"
+	    CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -DMSAN_OPTIONS=\"log_path=/tmp/msan.log\"'
+	    CONFIGFLAGS="--without-openssl --without-zlib --without-shadow"
+	    TEST_TARGET="t-exec"
+	    ;;
+	clang-sanitize-undefined)
+	    CFLAGS="-fsanitize=undefined"
+	    LDFLAGS="-fsanitize=undefined"
+	    ;;
+	*)
+	     echo unknown sanitize option;
+	     exit 1;;
+	esac
+	# Find the newest available version of clang
+	for i in `seq 10 99`; do
+	    clang=$(which clang-$i 2>/dev/null)
+	    [ -x "$clang" ] && CC="$clang"
+	done
+	features="--disable-security-key --disable-pkcs11"
+	hardening="--without-sandbox --without-hardening --without-stackprotect"
+	privsep="--with-privsep-user=root"
+	CONFIGFLAGS="$CONFIGFLAGS $features $hardening $privsep"
+	# Because we hobble chroot we can't test it.
+	SKIP_LTESTS=sftp-chroot
+	;;
     gcc-11-Werror)
 	CC="gcc"
 	# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
@@ -227,5 +270,5 @@ if [ -x "$(which plink 2>/dev/null)" ]; then
 	export REGRESS_INTEROP_PUTTY
 fi
 
-export CC CFLAGS LTESTS SUDO
+export CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
 export TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS TEST_SSH_FAIL_FATAL
diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh
index a3bb8587..cd8b72d2 100755
--- a/.github/setup_ci.sh
+++ b/.github/setup_ci.sh
@@ -37,6 +37,9 @@ for TARGET in $TARGETS; do
     default|without-openssl|without-zlib|c89|libedit|*pam)
         # nothing to do
         ;;
+    clang-sanitize*)
+        PACKAGES="$PACKAGES clang-12"
+        ;;
     clang-*|gcc-*)
         compiler=$(echo $TARGET | sed 's/-Werror//')
         PACKAGES="$PACKAGES $compiler"
diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 91698fe1..c8b8dbcd 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -32,6 +32,9 @@ jobs:
           - { os: ubuntu-20.04, configs: clang-10 }
           - { os: ubuntu-20.04, configs: clang-11 }
           - { os: ubuntu-20.04, configs: clang-12-Werror }
+          - { os: ubuntu-20.04, configs: clang-sanitize-address }
+          - { os: ubuntu-20.04, configs: clang-sanitize-memory }
+          - { os: ubuntu-20.04, configs: clang-sanitize-undefined }
           - { os: ubuntu-20.04, configs: gcc-7 }
           - { os: ubuntu-20.04, configs: gcc-8 }
           - { os: ubuntu-20.04, configs: gcc-10 }
@@ -106,3 +109,5 @@ jobs:
           config.log
           regress/*.log
           regress/valgrind-out/
+          /tmp/asan.log.*
+          /tnp/msan.log.*
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 3b00ef6d..226a5915 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -446,3 +446,15 @@ localtime_r(const time_t *timep, struct tm *result)
 	return result;
 }
 #endif
+
+#ifdef ASAN_OPTIONS
+const char *__asan_default_options(void) {
+	return ASAN_OPTIONS;
+}
+#endif
+
+#ifdef MSAN_OPTIONS
+const char *__msan_default_options(void) {
+	return MSAN_OPTIONS;
+}
+#endif

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list