@swapgs @clathetic note the caveat in the related blogpost https://blog.hboeck.de/archives/879-Safer-use-of-C-code-running-Gentoo-with-Address-Sanitizer.html link to https://www.openwall.com/lists/oss-security/2016/02/17/9 tl;dr ASAN isn't made for production, introduces additional vulns. If you want to go down that path, you'd have to redesign a "safe ASAN" for production. Not impossible, but the ASAN we have ain't it.
=> More informations about this toot | View the thread | More toots from hanno@mastodon.social
=> View swapgs@infosec.exchange profile | View clathetic@infosec.exchange profile
text/geminiThis content has been proxied by September (3851b).