Hi Nathanael, Nathanael Noblet <nathanael@xxxxxxx> writes: > Hello, > > I have been using a library for awhile now and have been thinking of submitting it to Fedora. Part of what I have been doing with it was compiling it using -fsanitize=address and leak etc. I’m kinda wondering about how that is handled with Fedora packages. Are we able to / should we provide library package versions that are compiled against these kinds of sanitizers? Or if someone wants to do that they should recompile the RPM with those flags and use it locally? > Address sanitizer is a debugging tool and beside the issues that Florian mentioned, there are also security issues involved with running ASAN applications in production: https://www.openwall.com/lists/oss-security/2016/02/17/9 (not sure if this is still relevant though). I'd certainly suggest to build applications with ASAN, UBSAN,and MSAN, but only do that for testing. If you want to integrate this in the rpmbuild process, you could rebuild your application in %check with ASAN enabled and run its test suite. Cheers, Dan
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
