Open mschwager opened 7 months ago
This is a bit more challenging than I initially anticipated due to the way Ruzzy is structured. When fuzzing C extensions, there end up being two C extensions: the Ruzzy C extension and the target C extension. The Ruzzy C extension is the one we have the most control over, but I believe __asan_default_options would have to be defined in the target C extension. This certainly isn't impossible, but it's more work than adding __asan_default_options to cruzzy.c.
ASan flags can be specified in a number of ways: https://github.com/google/sanitizers/wiki/AddressSanitizerFlags#run-time-flags.
Currently, we use the ASAN_OPTIONS ENV variable in a number of places:
https://github.com/trailofbits/ruzzy/blob/be400457316933d607550580aa68f33e01ce16a3/README.md#L57-L70
https://github.com/trailofbits/ruzzy/blob/be400457316933d607550580aa68f33e01ce16a3/Dockerfile#L23-L26
The downside of this approach is that we require an additional step from users to export this ENV variable. If we use the __asan_default_options function in our source code, then that's one less step. We still need to confirm that ASAN_OPTIONS can overwrite __asan_default_options at runtime in case users need different options.
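
Added example, not code from the issue or from Ruzzy: a C sketch of the __asan_default_options hook discussed above, together with a small model of the parse order in which the sanitizer runtime applies ASAN_OPTIONS after the hook's defaults. The option values, the helper names lookup and effective_option, and the colon-only separator handling are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hook the ASan runtime calls at startup for built-in defaults. It has to be
 * linked into the instrumented binary or shared object. The option values
 * below are assumed for illustration. */
const char *__asan_default_options(void) {
    return "allocator_may_return_null=1:detect_leaks=0:use_sigaltstack=0";
}

/* Find key=value in a colon-separated option string (simplified: the real
 * parser accepts more separators). Returns 1 and copies the value if found. */
static int lookup(const char *opts, const char *key, char *out, size_t outlen) {
    size_t klen = strlen(key);
    int found = 0;
    while (opts && *opts) {
        size_t len = strcspn(opts, ":");
        if (len > klen && strncmp(opts, key, klen) == 0 && opts[klen] == '=') {
            size_t vlen = len - klen - 1;
            if (vlen >= outlen) vlen = outlen - 1;
            memcpy(out, opts + klen + 1, vlen);
            out[vlen] = '\0';
            found = 1; /* keep scanning: a later duplicate wins */
        }
        opts += len;
        if (*opts == ':') opts++;
    }
    return found;
}

/* Model of the precedence: hook defaults first, then the environment string
 * is applied on top, so a key set in ASAN_OPTIONS replaces the default. */
int effective_option(const char *env, const char *key, char *out, size_t outlen) {
    int found = lookup(__asan_default_options(), key, out, outlen);
    if (lookup(env, key, out, outlen)) found = 1;
    return found;
}

int main(void) {
    char v[32];
    if (effective_option(getenv("ASAN_OPTIONS"), "detect_leaks", v, sizeof v))
        printf("detect_leaks=%s\n", v);
    return 0;
}
```

Built without ASan this only exercises the model; in an instrumented build, running with ASAN_OPTIONS=help=1 makes the runtime print the flags it knows, which is one way to check the real behaviour.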