Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test: Add control flow integrity sanitizer. #2399

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

iphydf
Copy link
Member

@iphydf iphydf commented Aug 30, 2023

This will check whether conversions to and casts from void* are correct. E.g. int* -> void* -> float* will trip the sanitizer.

https://clang.llvm.org/docs/ControlFlowIntegrity.html


This change is Reviewable

@codecov
Copy link

codecov bot commented Aug 30, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (6133fb1) 9.99% compared to head (853a692) 9.99%.

Additional details and impacted files
@@          Coverage Diff           @@
##           master   #2399   +/-   ##
======================================
  Coverage    9.99%   9.99%           
======================================
  Files         141     141           
  Lines       32530   32530           
======================================
+ Hits         3250    3251    +1     
+ Misses      29280   29279    -1     

see 4 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

CMakeLists.txt Outdated
@@ -14,8 +14,8 @@
#
################################################################################

cmake_minimum_required(VERSION 2.8.12)
cmake_policy(VERSION 2.8.12)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

finally

@iphydf iphydf modified the milestones: v0.2.19, v0.2.20 Nov 7, 2023
This will check whether conversions to and casts from `void*` are
correct. E.g. `int* -> void* -> float*` will trip the sanitizer.

https://clang.llvm.org/docs/ControlFlowIntegrity.html
@Green-Sky
Copy link
Member

not sure what version of afl++ we are using, but it can also support cfisan

@@ -75,6 +75,9 @@ if(APPLE)
include(MacRpath)
endif()

include(CheckIPOSupported)
check_ipo_supported()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Calling this without any arguments makes IPO being unsupported a fatal error. I guess we can either set CMAKE_INTERPROCEDURAL_OPTIMIZATION based on if IPO is supported, or only perform this check if CMAKE_INTERPROCEDURAL_OPTIMIZATION is true.

@iphydf iphydf modified the milestones: v0.2.20, v0.2.21 Mar 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants