Hi, I thought given the current issues with glibc I'd bring that up.
A while ago I had a conversation with Kostya about building glibc with asan. I think it can be summed up as "it's possible, but requires lots of manual work and is complicated". The publicly available documentation is currently a wiki page listing problems trying to build glibc with clang https://sourceware.org/glibc/wiki/GlibcMeetsClang and some reports about fuzzing done with libfuzzer https://sourceware.org/glibc/wiki/FuzzingLibc As far as I can see there is currently no public documentation how one would compile glibc with asan (and/or libfuzzer). I think it is a major drawback of security analysis of glibc that many common tools don't work on it and it'd be great if this area could be improved. So the question is: How realistic would it be to make this stuff more easily accessible? -- Hanno Böck https://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42 -- You received this message because you are subscribed to the Google Groups "address-sanitizer" group. To unsubscribe from this group and stop receiving emails from it, send an email to address-sanitizer+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
pgplh1FHJmJnk.pgp
Description: OpenPGP digital signature