[asterisk-bugs] [JIRA] (ASTERISK-24133) Please support Clang; Allow no-exec stacks

Richard Mudgett (JIRA) noreply at issues.asterisk.org
Wed Jul 30 11:10:56 CDT 2014


     [ https://issues.asterisk.org/jira/browse/ASTERISK-24133?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Richard Mudgett updated ASTERISK-24133:
---------------------------------------

    Description: 
Please support Clang. Clang is a useful compiler because (1) its the preferred or default compiler on some platforms (for example, OS X); (2) it allows additional static analysis (compile time); and (3) it provides dynamic analysis (runtime) by way of its sanitizers.

Configuring with Clang results in compile failures. For example:

    export CC=clang
    export CXX=clang++
    ./configure

There appears to be two broad issues. First, Clang does not support GCC's nested functions. Nested functions are a problem for both portability and security. The compile errors speak to the portability issues. Loss of no-exec stacks is the security issue.

The loss of no-exec stacks is probably a security related defect. Its not clear to me if Asterisk has a SDLC, so this is being file as an Improvement rather than a Bug.

The first issue already has a solution at https://reviewboard.asterisk.org/r/3488/.

The second issue is multiply defined symbols. The multiply defined symbols issue has existed for years. After spending a couple of days (on and off) searching for a solution, I have not found one. For a brief history, see [1,2,3,4].

[1] ASTERISK-21720
[2] http://clang.debian.net/status.php?version=3.3&key=MULTIPLE_DEF
[3] http://lists.digium.com/pipermail/asterisk-users/2011-June/263933.html
[4] http://asteriskfaqs.org/tag/information/page/6

  was:
Please support Clang. Clang is a useful compiler because (1) its the preferred or default compiler on some platforms (for example, OS X); (2) it allows additional static analysis (compile time); and (3) it provides dynamic analysis (runtime) by way of its sanitizers.

Configuring with Clang results in compile failures. For example:

    export CC=clang
    export CXX=clang++
    ./configure

There appears to be two broad issues. First, Clang does not support GCC's nested functions. Nested functions are a problem for both portability and security. The compile errors speak to the portability issues. Loss of no-exec stacks is the security issue.

The loss of no-exec stacks is probably a security related defect. Its not clear to me if Asterisk has a SDLC, so this is being file as an Improvement rather than a Bug.

The first issue already has a solution at https://reviewboard.asterisk.org/r/3488/.

The second issue is multiply defined symbols. The multiply defined symbols issue has existed for years. After spending a couple of days (on and off) searching for a solution, I have not found one. For a brief history, see [1,2,3,4].

[1] https://issues.asterisk.org/jira/browse/ASTERISK-21720
[2] http://clang.debian.net/status.php?version=3.3&key=MULTIPLE_DEF
[3] http://lists.digium.com/pipermail/asterisk-users/2011-June/263933.html
[4] http://asteriskfaqs.org/tag/information/page/6


> Please support Clang; Allow no-exec stacks
> ------------------------------------------
>
>                 Key: ASTERISK-24133
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-24133
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Core/BuildSystem
>    Affects Versions: 12.4.0
>         Environment: Linux and OS X
>            Reporter: Jeffrey Walton
>
> Please support Clang. Clang is a useful compiler because (1) its the preferred or default compiler on some platforms (for example, OS X); (2) it allows additional static analysis (compile time); and (3) it provides dynamic analysis (runtime) by way of its sanitizers.
> Configuring with Clang results in compile failures. For example:
>     export CC=clang
>     export CXX=clang++
>     ./configure
> There appears to be two broad issues. First, Clang does not support GCC's nested functions. Nested functions are a problem for both portability and security. The compile errors speak to the portability issues. Loss of no-exec stacks is the security issue.
> The loss of no-exec stacks is probably a security related defect. Its not clear to me if Asterisk has a SDLC, so this is being file as an Improvement rather than a Bug.
> The first issue already has a solution at https://reviewboard.asterisk.org/r/3488/.
> The second issue is multiply defined symbols. The multiply defined symbols issue has existed for years. After spending a couple of days (on and off) searching for a solution, I have not found one. For a brief history, see [1,2,3,4].
> [1] ASTERISK-21720
> [2] http://clang.debian.net/status.php?version=3.3&key=MULTIPLE_DEF
> [3] http://lists.digium.com/pipermail/asterisk-users/2011-June/263933.html
> [4] http://asteriskfaqs.org/tag/information/page/6



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list