diff --git a/make.sh b/make.sh
index 45495710..b3da989f 100755
--- a/make.sh
+++ b/make.sh
@@ -4,26 +4,34 @@ echo '/* Dual licenses: choose "Creative Commons" or "Apache 2" (allows all uses
 sSRC="./cxx/"
 #INCLUDES="${sSRC}"
 #export CXX_FLAGS="-I${INCLUDES}"
+CXX_FLAGS_DEBUG="-fsanitize=address -fno-sanitize-recover=all -fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fno-sanitize=null -fno-sanitize=alignment" #/* supports `g++`/`clang++`: https://developers.redhat.com/blog/2021/05/05/memory-error-checking-in-c-and-c-comparing-sanitizers-and-valgrind#tldr */
+export ASAN_OPTIONS=abort_on_error=1:fast_unwind_on_malloc=0:detect_leaks=0 UBSAN_OPTIONS=print_stacktrace=1 #/* "For LLDB/GDB and to prevent very short stack traces and usually false leaks detection" */
+CXX_FLAGS_DEBUG="${CXX_FLAGS_DEBUG} -fno-omit-frame-pointer" #/* thus optimization won't remove stacktraces: https://stackoverflow.com/questions/48234575/g-will-fno-omit-frame-pointer-be-effective-if-specified-before-o2-or-o3 https://clang.llvm.org/docs/MemorySanitizer.html */
+CXX_FLAGS_DEBUG="${CXX_FLAGS_DEBUG} -g" #/* gives line numbers, + arguments, to stacktraces */
+#CXX_FLAGS_DEBUG="${CXX_FLAGS_DEBUG} -fno-optimize-sibling-calls" #/* Don't inline functions. Does extra stacktraces. */
+#CXX_FLAGS_DEBUG="${CXX_FLAGS_DEBUG} -fsanitize=undefined" #/* causes 'cannot locate symbol "__ubsan_handle_function_type_mismatch_abort"' */
 if command -v ctags; then
 ctags -R
 fi
 if command -v clang++; then
- GXX="clang++"
+ CXX="clang++"
 elif command -v g++; then
- GXX="g++"
+ CXX="g++"
 else
 echo "Error: no clang++, no g++.
 `apt install clang` or `apt install gcc`"
 exit 1
 fi
 rm *.o
-$GXX -x c -c ${sSRC}/../c/rfc6234/sha1.c
-$GXX -x c -c ${sSRC}/../c/rfc6234/sha224-256.c
-$GXX -x c -c ${sSRC}/../c/rfc6234/sha384-512.c
-$GXX -c ${sSRC}/ClassSha2.cxx
-$GXX -c ${sSRC}/ClassResultList.cxx
-$GXX -c ${sSRC}/ClassCns.cxx
-$GXX -c ${sSRC}/VirusAnalysis.cxx
-$GXX -c ${sSRC}/ConversationCns.cxx
-$GXX -c ${sSRC}/main.cxx
-$GXX sha1.o sha224-256.o sha384-512.o ClassSha2.o ClassResultList.o ClassCns.o VirusAnalysis.o ConversationCns.o main.o
+CXX_FLAGS="${CXX_FLAGS} ${CXX_FLAGS_DEBUG}" #/* comment this to disable sanitizers/stacktraces (if you want to run fast) */
+CXX="${CXX} ${CXX_FLAGS}"
+$CXX -x c -c ${sSRC}/../c/rfc6234/sha1.c
+$CXX -x c -c ${sSRC}/../c/rfc6234/sha224-256.c
+$CXX -x c -c ${sSRC}/../c/rfc6234/sha384-512.c
+$CXX -c ${sSRC}/ClassSha2.cxx
+$CXX -c ${sSRC}/ClassResultList.cxx
+$CXX -c ${sSRC}/ClassCns.cxx
+$CXX -c ${sSRC}/VirusAnalysis.cxx
+$CXX -c ${sSRC}/ConversationCns.cxx
+$CXX -c ${sSRC}/main.cxx
+$CXX sha1.o sha224-256.o sha384-512.o ClassSha2.o ClassResultList.o ClassCns.o VirusAnalysis.o ConversationCns.o main.o
diff --git a/posts/VirusAnalysis.md b/posts/VirusAnalysis.md
index 7d0e8be1..9c004a4f 100644
--- a/posts/VirusAnalysis.md
+++ b/posts/VirusAnalysis.md
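Review bot: The added `export ASAN_OPTIONS=… UBSAN_OPTIONS=…` line sets run-time options that the sanitizer runtime reads when the instrumented program starts, so exporting them in make.sh reaches only the processes the script itself launches (the compiler and linker calls). As far as this hunk shows, the script never runs the linked binary, so `abort_on_error=1`, `detect_leaks=0` and `print_stacktrace=1` will not apply to a later run from the user's shell unless make.sh is sourced. A comment on that line such as `# run-time settings: export these in the shell that runs the binary (or source this script)` would make that clear, or the settings could move to whatever script launches the program. Separately, `CXX_FLAGS="${CXX_FLAGS} ${CXX_FLAGS_DEBUG}"` turns the sanitizers on by default, so the default output is an instrumented test build rather than a release build; an opt-in switch (the variable name here is only an example), `[ -n "${DEBUG:-}" ] && CXX_FLAGS="${CXX_FLAGS} ${CXX_FLAGS_DEBUG}"`, would keep AddressSanitizer out of binaries that get distributed.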
@@ -852,9 +852,7 @@ which show how to use hex dumps (or disassembled sources) of the apps/SW (execut Static analysis (such as Clang/LLVM has) just checks programs for accidental security threats (such as buffer overruns/underruns, or null-pointer-dereferences,) but could act as a basis, if you add a few extra checks for deliberate vulnerabilities/signs of infection (these are heuristics, so the user should have a choice to quarantine and submit for review, or continue launch of this). https://github.com/llvm/llvm-project/blob/main/clang/lib/StaticAnalyzer -is part of Clang/LLVM (license is FLOSS,) does static analysis (produces full graphs of each function the SW uses, -plus arguments passed to thus, -so that if the executable violates security, the analysis shows this to you and asks you what to do.) +is part of Clang/LLVM (license is FLOSS,) does static analysis (emulation produces inputs to functions, formulas analyze stacktraces (+ heap/stack uses) to produce lists of possible unwanted side effects to warn you of); versus [`-fsanitize`](https://github.com/SwuduSusuwu/SubStack/issues/5), do not have to recompile to do static analysis. `-fsanitize` requires you to produce inputs, static analysis does this for you. LLVM is lots of files, Phasar is just it’s static analysis: https://github.com/secure-software-engineering/phasar