bug-gnulib

Re: Suppressing sanitizer in sha256.c


From: Tim Rühsen
Subject: Re: Suppressing sanitizer in sha256.c
Date: Wed, 4 Apr 2018 09:45:23 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

On 04/03/2018 11:45 PM, Bruno Haible wrote:
> Eric Blake wrote:
>> What are the clang developers using as their justification
>> for this warning?
> 
> Quoting the clang documentation [1]:
> 
>   "-fsanitize=unsigned-integer-overflow:
>    Unsigned integer overflows. Note that unlike signed integer overflow,
>    unsigned integer is not undefined behavior. However, while it has well-
>    defined semantics, it is often unintentional, so UBSan offers to catch it."
> 
> Bruno
> 
> [1] https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html

Thanks for looking into it.

To squeeze out as many potential bugs as possible from my applications,
I turn all sanitizer options on. Then I reduce false positives by tagging
the code parts / functions. A bit like deduction.

The bad thing with clang is that I can't tag the calling function (in my
application) but have to set the attribute for the function that
triggers (in gnulib).

Gnulib is made to serve app/lib developers. And reducing false positives
would be of great help to reduce time spent on securing code that
uses gnulib. But I understand if you decline to do that on gnulib's side -
you would possibly open a can of worms.

Regards, Tim
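
The per-function tagging discussed in this message, as an added example that is not part of the original mail and is not gnulib code. It assumes clang's `no_sanitize` function attribute; the macro name `WRAPS_ON_PURPOSE`, the FNV-1a stand-in for a hash round, and `total_len` are hypothetical names chosen for illustration.

```c
/* Build to see the effect: clang -fsanitize=unsigned-integer-overflow demo.c */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* WRAPS_ON_PURPOSE is a hypothetical macro name, not a gnulib one. */
#if defined __clang__ && defined __has_attribute
# if __has_attribute(no_sanitize)
#  define WRAPS_ON_PURPOSE \
     __attribute__((no_sanitize("unsigned-integer-overflow")))
# endif
#endif
#ifndef WRAPS_ON_PURPOSE
# define WRAPS_ON_PURPOSE /* expands to nothing without the attribute */
#endif

/* Stand-in for a hash round: FNV-1a is defined modulo 2^32, so the
   multiplication below wraps by design and is tagged as a false positive. */
WRAPS_ON_PURPOSE
uint32_t fnv1a32(const unsigned char *p, size_t n)
{
    uint32_t h = 2166136261u;            /* FNV offset basis */
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 16777619u;                  /* FNV prime; wraps intentionally */
    }
    return h;
}

/* Untagged on purpose: here a wrap would be a real bug (undersized buffer),
   so the sum is checked explicitly and the sanitizer stays armed. */
int total_len(size_t header, size_t payload, size_t *out)
{
    if (__builtin_add_overflow(header, payload, out))
        return -1;                       /* reject instead of wrapping */
    return 0;
}

int main(void)
{
    size_t n;
    printf("fnv1a32(\"a\") = 0x%08x\n",
           (unsigned) fnv1a32((const unsigned char *) "a", 1));
    printf("total_len(SIZE_MAX, 1) = %d\n", total_len(SIZE_MAX, 1, &n));
    return 0;
}
```

Only the function whose arithmetic is meant to be modular carries the tag, so the check keeps reporting wraps everywhere else.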
