git.ipfire.org Git - thirdparty/pdns.git/commit

author	Remi Gacogne <remi.gacogne@powerdns.com>
	Tue, 17 Jan 2023 16:31:52 +0000 (17:31 +0100)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Tue, 17 Jan 2023 16:36:58 +0000 (17:36 +0100)
commit	4f5834602e0098ba18b74a81badbb2e7dc4041ab
tree	26b4dd31a13a1ce9178df0bb2afb6d3f28e78fe4	tree \| snapshot
parent	d050f11cae96511625583ea23b27aad404dad061	commit \| diff

Add a new configure option to initialize automatic variables

The new option, `--enable-auto-var-init`, when enabled, sets the
`-ftrivial-auto-var-init` flag when supported by the compiler
(GCC 12+, clang 16+) to either:
- `zero`: zero-initializes all automatic variables, and is enabled
  with `--enable-auto-var-init=yes` or `--enable-auto-var-init=zero`.
  This can be used as a hardening measure in production, reducing
  information leakage issues.
- `pattern`: initialize all automatic variables to a pattern that
  is likely to be detected, like 0xAA, and is enabled via
  `--enable-auto-var-init=pattern`. This is useful in tests,
  especially when the cost of sanitizers is too high.

I have not done any performance testing, but the zero option is
generally considered to have a less than 5% performance cost.

configure.ac		diff \| blob \| blame \| history
m4/pdns_init_auto_vars.m4	[new file with mode: 0644]	blob
pdns/dnsdistdist/configure.ac		diff \| blob \| blame \| history
pdns/dnsdistdist/m4/pdns_init_auto_vars.m4	[new symlink]	blob
pdns/recursordist/configure.ac		diff \| blob \| blame \| history
pdns/recursordist/m4/pdns_init_auto_vars.m4	[new symlink]	blob