You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Also! While the usual sanitizer runtime libraries aren't security hardened for use in production environments, but for UBSan there's -fsanitize-minimal-runtime which switches to a different runtime library that is intended for this purpose (or use -fsanitize-trap=... instead, which executes an illegal instruction on error). Note that if your program terminates with a UBSan error, an attacker who can check whether your program terminated or not could use that as a primitive to leak data, so consider the security impact on your use case carefully. UBSan has a quite small performance impact when building with optimization, so you could deploy to production with it enabled, or parts of it enabled.
I'd like some feedback from the various distros & such. Is there a big drawback to this? It sounds potentially helpful, but I don't have any experience doing this for production.
The text was updated successfully, but these errors were encountered:
In https://news.ycombinator.com/item?id=38478866 nlewycky reports the following:
I'd like some feedback from the various distros & such. Is there a big drawback to this? It sounds potentially helpful, but I don't have any experience doing this for production.
The text was updated successfully, but these errors were encountered: