[clang] [sanitizer] Document AddressSanitizer security considerations (PR #100937)
via cfe-commits
cfe-commits at lists.llvm.org
Sun Jul 28 08:35:44 PDT 2024
llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-clang
Author: None (bigb4ng)
<details>
<summary>Changes</summary>
Follow-up to #<!-- -->92593.
Also makes #<!-- -->92611, https://github.com/google/sanitizers/issues/1130 obsolete.
---
Full diff: https://github.com/llvm/llvm-project/pull/100937.diff
1 Files Affected:
- (modified) clang/docs/AddressSanitizer.rst (+8)
``````````diff
diff --git a/clang/docs/AddressSanitizer.rst b/clang/docs/AddressSanitizer.rst
index e1997153f2037..d543b49d64c05 100644
--- a/clang/docs/AddressSanitizer.rst
+++ b/clang/docs/AddressSanitizer.rst
@@ -313,6 +313,14 @@ Limitations
usually expected.
* Static linking of executables is not supported.
+Security Considerations
+=======================
+
+AddressSanitizer is a bug detection tool and is not meant to be linked
+against production executables. While it may be useful for testing,
+AddressSanitizer's runtime was not developed with security-sensitive
+constraints in mind and may compromise the security of the resulting executable.
+
Supported Platforms
===================
``````````
</details>
https://github.com/llvm/llvm-project/pull/100937
More information about the cfe-commits
mailing list