Skip to content

cc1plus error -fsanitize-coverage=4 #2431

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
ghost opened this issue Oct 22, 2020 · 3 comments
Closed

cc1plus error -fsanitize-coverage=4 #2431

ghost opened this issue Oct 22, 2020 · 3 comments

Comments

@ghost
Copy link

ghost commented Oct 22, 2020

Describe the bug

-fsanitize-coverage=4 throws an error using

./configure --with-curl=/usr --with-lmdb=/usr --enable-afl-fuzz --enable-parser-generation --enable-mutex-on-pm

after running command export CXX=afl-clang-fast++ and finally make.

Logs and dumps

Specfically:
cc1plus: error: unrecognized argument to ‘-fsanitize-coverage=’ option: ‘4’

Generally:

libtool: compile:  g++ -DHAVE_CONFIG_H -I. -I../../src -std=c++11 -I../.. -I../../headers -I../../others -std=c++11 -I.. -g -fPIC -O3 -DWITH_GEOIP -I/usr/include/ -fsanitize=address -fsanitize-coverage=4 -DWITH_YAJL -I/usr/include/yajl -DWITH_LMDB -I/usr/include -DPCRE_HAVE_JIT -I/usr/include/libxml2 -DWITH_LIBXML2 -g -O2 -MT libmodsec_parser_la-seclang-parser.lo -MD -MP -MF .deps/libmodsec_parser_la-seclang-parser.Tpo -c seclang-parser.cc  -fPIC -DPIC -o .libs/libmodsec_parser_la-seclang-parser.o

cc1plus: error: unrecognized argument to ‘-fsanitize-coverage=’ option: ‘4’
make[4]: *** [Makefile:588: libmodsec_parser_la-seclang-parser.lo] Error 1
make[4]: Leaving directory '/opt/ModSecurity/src/parser'
make[3]: *** [Makefile:499: all] Error 2
make[3]: Leaving directory '/opt/ModSecurity/src/parser'
make[2]: *** [Makefile:3464: all-recursive] Error 1
make[2]: Leaving directory '/opt/ModSecurity/src'
make[1]: *** [Makefile:1219: all] Error 2
make[1]: Leaving directory '/opt/ModSecurity/src'
make: *** [Makefile:1030: all-recursive] Error 1

To Reproduce

Tell me how to reproduce it

Expected behavior

I don't know what I should be expecting.

Server (please complete the following information):

  • ModSecurity version: 3.0.4
  • OS (and distro): Ubuntu 20.04

Rule Set (please complete the following information):
N/A

Additional context

I have found this resource explaining what -fsanitize-coverage=4 means from
clang cpp flags:

Original semantics of -fsanitize-coverage flag is preserved:
  * -fsanitize-coverage=0 disables the coverage
  * -fsanitize-coverage=1 is a synonym for -fsanitize-coverage=func
  * -fsanitize-coverage=2 is a synonym for -fsanitize-coverage=bb
  * -fsanitize-coverage=3 is a synonym for -fsanitize-coverage=edge
  * -fsanitize-coverage=4 is a synonym for -fsanitize-coverage=edge,indirect-calls

I am not sure what -fsanitize-coverage=edge,indirect-calls is used for.

Also, here is my Configuration Output:


 Mandatory dependencies
   + libInjection                                  ....v3.9.2-30-gbf234eb
   + SecLang tests                                 ....d03f4c1

 Optional dependencies
   + GeoIP/MaxMind                                 ....found
      * (MaxMind) v1.4.2
         -lmaxminddb, -DWITH_MAXMIND -I/usr/include/x86_64-linux-gnu
      * (GeoIP) v1.6.12
         -lGeoIP, -I/usr/include/
   + LibCURL                                       ....found v7.68.0
      -lcurl,  -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
   + YAJL                                          ....found v2.1.0
      -lyajl, -DWITH_YAJL -I/usr/include/yajl
   + LMDB                                          ....found
      -llmdb, -DWITH_LMDB -I/usr/include
   + LibXML2                                       ....found v2.9.10
      -lxml2, -I/usr/include/libxml2 -DWITH_LIBXML2
   + SSDEEP                                        ....found
      -lfuzzy -L/usr/lib/x86_64-linux-gnu/, -DWITH_SSDEEP -I/usr/include
   + LUA                                           ....found v503
      -llua5.3 -L/usr/lib/x86_64-linux-gnu/, -DWITH_LUA -DWITH_LUA_5_3 -I/usr/include/lua5.3

 Other Options
   + Test Utilities                                ....enabled
   + SecDebugLog                                   ....enabled
   + afl fuzzer                                    ....enabled
    (-fsanitize=address -fsanitize-coverage=4 )
   + library examples                              ....enabled
   + Building parser                               ....enabled
   + Treating pm operations as critical section    ....enabled

WARNING: afl fuzzer was enabled. Make sure you are using the
 'afl-clang-fast' as the compiler, otherwise the compilation
  will fail.

 You can set the compiler using:

  $ export CXX=afl-clang-fast++
  $ export CC=afl-clang-fast
@zimmerle
Copy link
Contributor

Those flags are dependent on your infrastructure/clang are you really interested in run afl on ModSec?

@ghost
Copy link
Author

ghost commented Oct 22, 2020
edited by ghost
Loading

To be honest, I don't know what I'm getting myself into.

I don't know why I would need afl (or any other options for that matter).

It sounds like afl isn't essential, so the answer to your question is: no, I'm not that interested and thus, will run ModSec without it.

However, that leaves me wondering what the use of afl on ModSec is.

@zimmerle
Copy link
Contributor

zimmerle commented Nov 3, 2020

afl is something to test ModSecurity is not something to run ModSecurity with. For further info on AFL - https://github.com/google/AFL

@zimmerle zimmerle closed this as completed Nov 3, 2020
@akama-aka akama-aka mentioned this issue Jan 18, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zimmerle