On Wed, Jul 27, 2016 at 05:11:12PM -0700, Conrad Meyer wrote: > On Wed, Jul 27, 2016 at 5:05 PM, Shawn Webb <shawn.webb_at_hardenedbsd.org> wrote: > > On Wed, Jul 27, 2016 at 05:02:07PM -0700, Conrad Meyer wrote: > >> The problem appears to be an upstream limitation of > >> -fsanitize=safe-stack: "Most programs, static libraries, or individual > >> files can be compiled with SafeStack as is. ??? Linking a DSO with > >> SafeStack is not currently supported." [0] > >> > >> That probably needs to be addressed upstream before it can be enabled globally. > > > > Gotcha. If I'm reading correctly, then, SafeStack can only be enabled in > > bsd.prog.mk (and _not_ bsd.lib.mk). Is that correct? > > That is my reading of the page. I'll admit my total experience with > -fsanitize=safe-stack is limited to glancing at the web page 5 minutes > ago, so don't consider my take authoritative. Doing a test build right now with SafeStack enabled only in bsd.prog.mk. I'll report back with results tonight or tomorrow. Thanks again, -- Shawn Webb Cofounder and Security Engineer HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:07 UTC