TEST_SSH_UNSAFE_PERMISSIONS=1
# Stop on first test failure to minimize logs
TEST_SSH_FAIL_FATAL=yes
+unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
CONFIGFLAGS=""
LIBCRYPTOFLAGS=""
CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough -Wno-error=unused-parameter"
CONFIGFLAGS="--with-pam --with-Werror"
;;
+ clang-sanitize-*)
+ # - We replace chroot with chdir so that the sanitizer in the preauth
+ # privsep process can read /proc.
+ # - clang does not recognizes explicit_bzero so we use bzero
+ # (see https://github.com/google/sanitizers/issues/1507
+ # - openssl and zlib trip ASAN.
+ # - sp_pwdp returned by getspnam trips ASAN, hence disabling shadow.
+ case "$config" in
+ clang-sanitize-address)
+ CFLAGS="-fsanitize=address -fno-omit-frame-pointer"
+ LDFLAGS="-fsanitize=address"
+ CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -DASAN_OPTIONS=\"detect_leaks=0:log_path=/tmp/asan.log\"'
+ CONFIGFLAGS="--without-openssl --without-zlib --without-shadow"
+ TEST_TARGET="t-exec"
+ ;;
+ clang-sanitize-memory)
+ CFLAGS="-fsanitize=memory -fsanitize-memory-track-origins"
+ LDFLAGS="-fsanitize=memory"
+ CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -DMSAN_OPTIONS=\"log_path=/tmp/msan.log\"'
+ CONFIGFLAGS="--without-openssl --without-zlib --without-shadow"
+ TEST_TARGET="t-exec"
+ ;;
+ clang-sanitize-undefined)
+ CFLAGS="-fsanitize=undefined"
+ LDFLAGS="-fsanitize=undefined"
+ ;;
+ *)
+ echo unknown sanitize option;
+ exit 1;;
+ esac
+ # Find the newest available version of clang
+ for i in `seq 10 99`; do
+ clang=$(which clang-$i 2>/dev/null)
+ [ -x "$clang" ] && CC="$clang"
+ done
+ features="--disable-security-key --disable-pkcs11"
+ hardening="--without-sandbox --without-hardening --without-stackprotect"
+ privsep="--with-privsep-user=root"
+ CONFIGFLAGS="$CONFIGFLAGS $features $hardening $privsep"
+ # Because we hobble chroot we can't test it.
+ SKIP_LTESTS=sftp-chroot
+ ;;
gcc-11-Werror)
CC="gcc"
# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
export REGRESS_INTEROP_PUTTY
fi
-export CC CFLAGS LTESTS SUDO
+export CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
export TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS TEST_SSH_FAIL_FATAL
- { os: ubuntu-20.04, configs: clang-10 }
- { os: ubuntu-20.04, configs: clang-11 }
- { os: ubuntu-20.04, configs: clang-12-Werror }
+ - { os: ubuntu-20.04, configs: clang-sanitize-address }
+ - { os: ubuntu-20.04, configs: clang-sanitize-memory }
+ - { os: ubuntu-20.04, configs: clang-sanitize-undefined }
- { os: ubuntu-20.04, configs: gcc-7 }
- { os: ubuntu-20.04, configs: gcc-8 }
- { os: ubuntu-20.04, configs: gcc-10 }
config.log
regress/*.log
regress/valgrind-out/
+ /tmp/asan.log.*
+ /tnp/msan.log.*
projects / thirdparty / openssh-portable.git / commitdiff
