add UBSAN option

aws · Feb 24, 2024 · 65c06aa · 65c06aa
1 parent fcc0d40
commit 65c06aa
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 5 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -197,7 +197,13 @@ if(ASAN)
     target_link_options(${PROJECT_NAME} PUBLIC -fsanitize=address)
 endif()
 
-if(TSAN OR ASAN)
+if (UBSAN)
+    target_compile_options(${PROJECT_NAME} PUBLIC -fsanitize=undefined -fno-sanitize-recover=all -DS2N_ADDRESS_SANITIZER=1)
+    target_link_options(${PROJECT_NAME} PUBLIC -fsanitize=undefined -fno-sanitize-recover=all)
+endif()
+
+
+if(TSAN OR ASAN OR UBSAN)
     # no-omit-frame-pointer and no-optimize-sibling-calls provide better stack traces
     target_compile_options(${PROJECT_NAME} PUBLIC -fno-omit-frame-pointer -fno-optimize-sibling-calls)
 endif()

diff --git a/tests/testlib/s2n_key_schedule_testlib.c b/tests/testlib/s2n_key_schedule_testlib.c
@@ -19,7 +19,7 @@ S2N_RESULT s2n_connection_set_test_transcript_hash(struct s2n_connection *conn,
         message_type_t message_type, const struct s2n_blob *digest)
 {
     RESULT_GUARD(s2n_connection_set_test_message_type(conn, message_type));
-    conn->handshake.handshake_type = conn->handshake.handshake_type & NEGOTIATED;
+    conn->handshake.handshake_type &= NEGOTIATED;
     RESULT_ENSURE_EQ(s2n_conn_get_current_message_type(conn), message_type);
     RESULT_CHECKED_MEMCPY(conn->handshake.hashes->transcript_hash_digest,
             digest->data, digest->size);
@@ -59,7 +59,8 @@ S2N_RESULT s2n_connection_set_test_master_secret(struct s2n_connection *conn,
     return S2N_RESULT_OK;
 }
 
-S2N_RESULT s2n_connection_set_test_message_type(struct s2n_connection *conn, message_type_t expected_message_type) {
+S2N_RESULT s2n_connection_set_test_message_type(struct s2n_connection *conn, message_type_t expected_message_type)
+{
     /* scan over all handshake types until the desired message type is found */
     for (uint32_t handshake = 0; handshake < S2N_HANDSHAKES_COUNT; handshake++) {
         for (int message = 0; message < S2N_MAX_HANDSHAKE_LENGTH; message++) {

diff --git a/tls/s2n_handshake.h b/tls/s2n_handshake.h
@@ -48,7 +48,7 @@
 #define TLS_MESSAGE_HASH              254
 
 /* Maximum number of messages in a handshake */
-#define S2N_MAX_HANDSHAKE_LENGTH    32
+#define S2N_MAX_HANDSHAKE_LENGTH 32
 
 /* This is the list of message types that we support */
 typedef enum {
@@ -89,7 +89,7 @@ typedef enum {
  * starts off on the initial enum, which indicates we're using
  * the TLS12 state machine. Once the handshake version is determined
  * the enum is set to either the TLS12 or TLS13 state machine.
- * This works because the initial entries in both the TLS12 and
+ * This works because the initial entries in both the TLS12 and 
  * TLS13 state machines are the same. */
 typedef enum {
     S2N_STATE_MACHINE_INITIAL = 0,