curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: cURL Asan testing and LIB ordering

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Mon, 13 May 2019 02:02:59 -0400

On 5/13/2019 1:42 AM, Jeffrey Walton via curl-library wrote:
> I'm performing a quick Asan audit on cURL 7.64.1. CFLAGS, CXXFLAGS
> include -fsanitize=address -fno-omit-frame-pointer; and LDFLAGS
> includes -fsanitize=address.
>
> cURL is failing to configure with the error below.
>
> How can I patch cURL so that it orders libraries properly during
> configure tests? I think I only need cURL to place $(LIBS) at the head
> of the list.
>
> Thanks in advance.
>
> ============================================
>
> checking for sys/socket.h... (cached) yes
> checking for struct timeval... yes
> checking run-time libs availability... ==9979==ASan runtime does not
> come first in initial library list; you should either link runtime to
> your application or manually preload it with LD_PRELOAD.
> failed
> configure: error: one or more libs available at link-time are not
> available run-time. Libs used at link-time: -lidn2 -lssl -lcrypto
> -lldap -llber -lz -lidn2 -lssl -lcrypto -lz -lasan -ldl -lpthread
> ==9984==ASan runtime does not come first in initial library list; you
> should either link runtime to your application or manually preload it
> with LD_PRELOAD.
> ==9987==ASan runtime does not come first in initial library list; you
> should either link runtime to your application or manually preload it
> with LD_PRELOAD.
> ==9990==ASan runtime does not come first in initial library list; you
> should either link runtime to your application or manually preload it
> with LD_PRELOAD.
> ==9992==ASan runtime does not come first in initial library list; you
> should either link runtime to your application or manually preload it
> with LD_PRELOAD.
> Failed to configure cURL
>
> ============================================
>
> PKG_CONFIG_PATH: /var/sanitize/lib64/pkgconfig
> CPPFLAGS: -I/var/sanitize/include -DNDEBUG
> CFLAGS: -g2 -O2 -fsanitize=address -fno-omit-frame-pointer
> -march=native -fPIC -pthread
> CXXFLAGS: -g2 -O2 -fsanitize=address -fno-omit-frame-pointer
> -march=native -fPIC -pthread
> LDFLAGS: -L/var/sanitize/lib64 -fsanitize=address
> -Wl,-R,/var/sanitize/lib64 -Wl,--enable-new-dtags
> LIBS: -lasan -ldl -lpthread

Why are you passing -lasan? I build curl with -fsanitize=address and no
-lasan and I don't have a problem. Here's what it looks like

COMMON="-fsanitize=address,undefined -fno-sanitize-recover
-fno-omit-frame-pointer -Wformat -Werror=format-security
-Werror=array-bounds -g"

CPPFLAGS="${CPPFLAGS:-}" \
CFLAGS="${CFLAGS:-} $COMMON" \
CXXFLAGS="${CXXFLAGS:-} $COMMON" \
LDFLAGS="${LDFLAGS:-} $COMMON -Wl,-rpath,/usr/local/ssl/lib
-Wl,-rpath,/usr/local/lib" \
./configure --enable-debug \
            --with-ssl=/usr/local/ssl \
            "$WITH_NGHTTP2" \
            "$@"

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-05-13