On Thu, Jul 30, 2015 at 09:39:56PM +0200, Kurt Roeckx <k...@roeckx.be> wrote: > > I guess correctly then - I built a gvpe binary with it and it works for a > > while now. I will have to look into building openssl this way - any tips > > on how to most easily achieve that with the debian openssl package? > > It should pick them up from dpkg-buildflags. > > So setting DEB_CFLAGS_APPEND="-fsanitize=address" in the > environment should do it.
Well, I am a bloody beginner w.r.t. building debian packages, so thanks, thats useful to know. Anyways, I built a new libssl package from testing with -fsanitize=address, same with gvpe, verified that it is indeed statically linked and... marco(udp/x.x.x.x:407): hmac authentication error, received invalid packet could be an attack, or just corruption or a synchronization error. Otherwise, it seems to work. I enabled a stack underflow to check whether -fsanitize=address is active, and triggered it immediatelly, so its active, but apparently there are no obvious out of bounds accesses in gvpe (and libcrypto, and their combination). I haven't tried this with stable's libcrypto, because I didn't expect useful info to come out of it (other than that it works with libssl from stable, which we already know). -- The choice of a Deliantra, the free code+content MORPG -----==- _GNU_ http://www.deliantra.net ----==-- _ generation ---==---(_)__ __ ____ __ Marc Lehmann --==---/ / _ \/ // /\ \/ / schm...@schmorp.de -=====/_/_//_/\_,_/ /_/\_\ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org