icu icon indicating copy to clipboard operation
icu copied to clipboard

Published 20 hours ago verified publisher icon unicode-org

ICU-21374 Add a CFI build bot for ICU4C

Open erik0686 opened this issue 2 years ago • 3 comments

Checklist
  • [x] Required: Issue filed: https://unicode-org.atlassian.net/browse/ICU-21374
  • [x] Required: The PR title must be prefixed with a JIRA Issue number.
  • [x] Required: The PR description must include the link to the Jira Issue, for example by completing the URL in the first checklist item
  • [ ] Required: Each commit message must be prefixed with a JIRA Issue number.
  • [x] Issue accepted (done by Technical Committee after discussion)
  • [ ] Tests included, if applicable
  • [ ] API docs and/or User Guide docs changed or added, if applicable

erik0686 avatar Aug 24 '21 23:08 erik0686

How about we also add -fno-sanitize-trap=all and -fsanitize-recover=

see https://blog.fuzzing-project.org/57-Diving-into-Control-Flow-Integrity.html

FrankYFTang avatar Aug 27 '21 02:08 FrankYFTang

Progress? Assignee? Reviewers? @erik0686 @jefgen @rp9-next @gnrunge

markusicu avatar Sep 06 '22 22:09 markusicu

I checked with @erik0686 on this. It seems, enabling the bot opened gates for potential issues in ICU code that may have to be re-investigated.

Considering the time gap, the build bot might also need to be re-done.

It seems @FrankYFTang was interested in helping last time. Maybe we can start working on it post 72.

rp9-next avatar Sep 07 '22 19:09 rp9-next

@FrankYFTang & @rp9-next please try to move this forward.

markusicu avatar Jan 12 '23 17:01 markusicu

Move the content of this PR to https://github.com/unicode-org/icu/pull/2284 since I cannot push into https://github.com/erik0686/icu/tree/cfi-buildbot

FrankYFTang avatar Jan 14 '23 07:01 FrankYFTang