diff --git a/ci/build.yml b/ci/build.yml index a77da3ee6..b61537ac9 100644 --- a/ci/build.yml +++ b/ci/build.yml @@ -217,6 +217,8 @@ crypto build: stage: build <<: *gitlab_caching needs: [] + variables: + ADDRESS_SANITIZER: "1" only: changes: - .gitlab-ci.yml diff --git a/crypto/Makefile b/crypto/Makefile index c9d514732..bcb098621 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -1,11 +1,9 @@ ifeq ($(FUZZER),1) CC ?= clang LD ?= $(CC) - SANFLAGS += -fsanitize=fuzzer - -CFLAGS += $(SANFLAGS) -LDFLAGS += $(SANFLAGS) +else ifeq ($(ADDRESS_SANITIZER),1) +SANFLAGS += -fsanitize=address endif CC ?= gcc @@ -13,6 +11,7 @@ CC ?= gcc OPTFLAGS ?= -O3 -g CFLAGS += $(OPTFLAGS) \ + $(SANFLAGS) \ -std=gnu99 \ -W \ -Wall \ @@ -118,18 +117,18 @@ all: tools tests tests: tests/test_check tests/test_openssl tests/test_speed tests/libtrezor-crypto.so tests/aestst tests/aestst: aes/aestst.o aes/aescrypt.o aes/aeskey.o aes/aestab.o - $(CC) $^ -o $@ + $(CC) $(CFLAGS) $^ -o $@ tests/test_check.o: tests/test_check_cardano.h tests/test_check_monero.h tests/test_check_cashaddr.h tests/test_check_segwit.h tests/test_check: tests/test_check.o $(OBJS) - $(CC) tests/test_check.o $(OBJS) $(TESTLIBS) -o tests/test_check + $(CC) $(CFLAGS) tests/test_check.o $(OBJS) $(TESTLIBS) -o tests/test_check tests/test_speed: tests/test_speed.o $(OBJS) - $(CC) tests/test_speed.o $(OBJS) -o tests/test_speed + $(CC) $(CFLAGS) tests/test_speed.o $(OBJS) -o tests/test_speed tests/test_openssl: tests/test_openssl.o $(OBJS) - $(CC) tests/test_openssl.o $(OBJS) $(TESTSSLLIBS) -o tests/test_openssl + $(CC) $(CFLAGS) tests/test_openssl.o $(OBJS) $(TESTSSLLIBS) -o tests/test_openssl tests/libtrezor-crypto.so: $(SRCS) secp256k1-zkp.o $(CC) $(CFLAGS) -DAES_128 -DAES_192 -fPIC -shared $(SRCS) secp256k1-zkp.o -o tests/libtrezor-crypto.so @@ -137,13 +136,13 @@ tests/libtrezor-crypto.so: $(SRCS) secp256k1-zkp.o tools: tools/xpubaddrgen tools/mktable tools/bip39bruteforce tools/xpubaddrgen: tools/xpubaddrgen.o $(OBJS) - $(CC) tools/xpubaddrgen.o $(OBJS) -o tools/xpubaddrgen + $(CC) $(CFLAGS) tools/xpubaddrgen.o $(OBJS) -o tools/xpubaddrgen tools/mktable: tools/mktable.o $(OBJS) - $(CC) tools/mktable.o $(OBJS) -o tools/mktable + $(CC) $(CFLAGS) tools/mktable.o $(OBJS) -o tools/mktable tools/bip39bruteforce: tools/bip39bruteforce.o $(OBJS) - $(CC) tools/bip39bruteforce.o $(OBJS) -o tools/bip39bruteforce + $(CC) $(CFLAGS) tools/bip39bruteforce.o $(OBJS) -o tools/bip39bruteforce fuzzer: fuzzer/fuzzer.o $(OBJS) $(CC) $(CFLAGS) fuzzer/fuzzer.o $(OBJS) -o fuzzer/fuzzer diff --git a/docs/tests/device-tests.md b/docs/tests/device-tests.md index be8170ea7..da4206cae 100644 --- a/docs/tests/device-tests.md +++ b/docs/tests/device-tests.md @@ -85,7 +85,7 @@ make build_unix_debug ``` The final executable is significantly slower due to ASAN(Address Sanitizer) integration. -If you wan't to catch some memory errors use this. +If you want to catch some memory errors use this. ```sh time ASAN_OPTIONS=verbosity=1:detect_invalid_pointer_pairs=1:strict_init_order=true:strict_string_checks=true TREZOR_PROFILE="" poetry run make test_emu diff --git a/legacy/Makefile.include b/legacy/Makefile.include index 004c836d2..f5237ea07 100644 --- a/legacy/Makefile.include +++ b/legacy/Makefile.include @@ -21,6 +21,9 @@ OPTFLAGS ?= -O3 DBGFLAGS ?= -g3 -ggdb3 CPUFLAGS ?= FPUFLAGS ?= +ifeq ($(ADDRESS_SANITIZER),1) +SANFLAGS += -fsanitize=address +endif else PREFIX ?= arm-none-eabi- CC := $(PREFIX)gcc @@ -42,6 +45,7 @@ endif CFLAGS += $(OPTFLAGS) \ $(DBGFLAGS) \ + $(SANFLAGS) \ -std=gnu11 \ -W \ -Wall \ @@ -81,6 +85,7 @@ CFLAGS += $(OPTFLAGS) \ LDFLAGS += -L$(TOP_DIR) \ $(DBGFLAGS) \ + $(SANFLAGS) \ $(CPUFLAGS) \ $(FPUFLAGS) diff --git a/storage/tests/Makefile b/storage/tests/Makefile index e9d8ac17c..203e17b08 100644 --- a/storage/tests/Makefile +++ b/storage/tests/Makefile @@ -1,9 +1,15 @@ .PHONY: tests +export ASAN_OPTIONS=verify_asan_link_order=0 + build: $(MAKE) -C c $(MAKE) -C c0 +clean: + $(MAKE) -C c clean + $(MAKE) -C c0 clean + ## tests commands: tests: pytest --junitxml=../../tests/junit.xml -k "not hypothesis" diff --git a/storage/tests/c/Makefile b/storage/tests/c/Makefile index 78330ccc8..6b7c54eac 100644 --- a/storage/tests/c/Makefile +++ b/storage/tests/c/Makefile @@ -1,5 +1,5 @@ CC = gcc -CFLAGS = -Wall -Wshadow -Wextra -Wpedantic -Werror -Wno-missing-braces -fPIC +CFLAGS = -Wall -Wshadow -Wextra -Wpedantic -Werror -Wno-missing-braces -fPIC -fsanitize=address LIBS = INC = -I ../../../crypto -I ../.. -I . BASE = ../../../