From d17cd053ea6acbaf512c17ca55c39e2f6896a254 Mon Sep 17 00:00:00 2001 From: Catena cyber <35799796+catenacyber@users.noreply.github.com> Date: Wed, 28 Sep 2022 12:53:50 +0200 Subject: [PATCH] suricata: build with memory sanitizer (#8614) with zlib compiled with MSAN Should fix #8574 cc @jonathanmetzman --- projects/suricata/Dockerfile | 1 + projects/suricata/build.sh | 11 +++++++++++ projects/suricata/project.yaml | 1 + 3 files changed, 13 insertions(+) diff --git a/projects/suricata/Dockerfile b/projects/suricata/Dockerfile index b691df2ee..3df3f1ab4 100644 --- a/projects/suricata/Dockerfile +++ b/projects/suricata/Dockerfile @@ -23,6 +23,7 @@ ADD https://www.tcpdump.org/release/libpcap-1.9.1.tar.gz libpcap-1.9.1.tar.gz ADD http://www.digip.org/jansson/releases/jansson-2.12.tar.gz jansson-2.12.tar.gz RUN git clone --depth=1 https://github.com/yaml/libyaml ADD https://github.com/lz4/lz4/archive/v1.9.2.tar.gz lz4-1.9.2.tar.gz +RUN git clone --depth 1 -b develop https://github.com/madler/zlib.git RUN git clone --depth=1 https://github.com/catenacyber/fuzzpcap ADD https://rules.emergingthreats.net/open/suricata/emerging.rules.zip emerging.rules.zip diff --git a/projects/suricata/build.sh b/projects/suricata/build.sh index a971415ea..8e19bd8df 100755 --- a/projects/suricata/build.sh +++ b/projects/suricata/build.sh @@ -16,6 +16,17 @@ ################################################################################ # build dependencies statically +if [ "$SANITIZER" = "memory" ] +then + ( + cd zlib + ./configure --static + make -j$(nproc) clean + make -j$(nproc) all + make -j$(nproc) install + ) +fi + ( tar -xvzf pcre2-10.39.tar.gz cd pcre2-10.39 diff --git a/projects/suricata/project.yaml b/projects/suricata/project.yaml index a9b6f782b..cd9e9e5c7 100644 --- a/projects/suricata/project.yaml +++ b/projects/suricata/project.yaml @@ -6,5 +6,6 @@ auto_ccs: - "p.antoine@catenacyber.fr" sanitizers: - address + - memory - undefined main_repo: 'https://github.com/OISF/suricata.git'