[asterisk-bugs] [JIRA] (ASTERISK-24133) Please support Clang; Allow no-exec stacks
Jeffrey Walton (JIRA)
noreply at issues.asterisk.org
Wed Jul 30 10:26:56 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-24133?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jeffrey Walton updated ASTERISK-24133:
--------------------------------------
Description:
Please support Clang. Clang is a useful compiler because (1) its the preferred or default compiler on some platforms (for example, OS X); (2) it allows additional static analysis (compile time); and (3) it provides dynamic analysis (runtime) by way of its sanitizers.
Configuring with Clang results in compile failures. For example:
export CC=clang
export CXX=clang++
./configure
There appears to be two broad issues. First, Clang does not support GCC's nested functions. Nested functions are a problem for both portability and security. The compile errors speak to the portability issues. Loss of no-exec stacks is the security issue.
The loss of no-exec stacks is probably a security related defect. Its not clear to me if Asterisk has a SDLC, so this is being file as an Improvement rather than a Bug.
The first issue already has a solution at https://reviewboard.asterisk.org/r/3488/.
The second issue is multiply defined symbols. The multiply defined symbols issue has existed for years. After spending a couple of days (on and off) searching for a solution, I have not found one. For a brief history, see [1,2,3,4].
[1] https://issues.asterisk.org/jira/browse/ASTERISK-21720
[2] http://clang.debian.net/status.php?version=3.3&key=MULTIPLE_DEF
[3] http://lists.digium.com/pipermail/asterisk-users/2011-June/263933.html
[4] http://asteriskfaqs.org/tag/information/page/6
was:
Please support Clang. Clang is a useful compiler because (1) its the preferred or default compiler on some platforms (for example, OS X); (2) it allows additional static analysis (compile time); and (3) it provided dynamic analysis (runtime) by way of its sanitizers.
Configuring with Clang results in compile failures. For example:
export CC=clang
export CXX=clang++
./configure
There appears to be two broad issues. First, Clang does not support GCC's nested functions. Nested functions are a problem for both portability and security. The compile errors speak to the portability issues. Loss of no-exec stacks is the security issue.
The loss of no-exec stacks is probably a security related defect. Its not clear to me if Asterisk has a SDLC, so this is being file as an Improvement rather than a Bug.
The first issue already has a solution at https://reviewboard.asterisk.org/r/3488/.
The second issue is multiply defined symbols. The multiply defined symbols issue has existed for years. After spending a couple of days (on and off) searching for a solution, I have not found one. For a brief history, see [1,2,3,4].
[1] https://issues.asterisk.org/jira/browse/ASTERISK-21720
[2] http://clang.debian.net/status.php?version=3.3&key=MULTIPLE_DEF
[3] http://lists.digium.com/pipermail/asterisk-users/2011-June/263933.html
[4] http://asteriskfaqs.org/tag/information/page/6
> Please support Clang; Allow no-exec stacks
> ------------------------------------------
>
> Key: ASTERISK-24133
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24133
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Core/BuildSystem
> Affects Versions: 12.4.0
> Environment: Linux and OS X
> Reporter: Jeffrey Walton
>
> Please support Clang. Clang is a useful compiler because (1) its the preferred or default compiler on some platforms (for example, OS X); (2) it allows additional static analysis (compile time); and (3) it provides dynamic analysis (runtime) by way of its sanitizers.
> Configuring with Clang results in compile failures. For example:
> export CC=clang
> export CXX=clang++
> ./configure
> There appears to be two broad issues. First, Clang does not support GCC's nested functions. Nested functions are a problem for both portability and security. The compile errors speak to the portability issues. Loss of no-exec stacks is the security issue.
> The loss of no-exec stacks is probably a security related defect. Its not clear to me if Asterisk has a SDLC, so this is being file as an Improvement rather than a Bug.
> The first issue already has a solution at https://reviewboard.asterisk.org/r/3488/.
> The second issue is multiply defined symbols. The multiply defined symbols issue has existed for years. After spending a couple of days (on and off) searching for a solution, I have not found one. For a brief history, see [1,2,3,4].
> [1] https://issues.asterisk.org/jira/browse/ASTERISK-21720
> [2] http://clang.debian.net/status.php?version=3.3&key=MULTIPLE_DEF
> [3] http://lists.digium.com/pipermail/asterisk-users/2011-June/263933.html
> [4] http://asteriskfaqs.org/tag/information/page/6
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list