From b51ac556dc133d17aab450497e28c77096264dee Mon Sep 17 00:00:00 2001
From: Petter Reinholdtsen <pere@debian.org>
Date: Sun, 9 Mar 2025 13:06:26 +0100
Subject: [PATCH] Added configure option --enable-gcc-sanitizeers.

The security issue CVE-2024-56431 was discovered using GCC address
sanitaztion.  Make it easier to run this check, and run it in
gitlab CI.

Based on a comment in !28.
---
 .gitlab-ci.yml    |  6 ++++++
 configure.ac      | 12 ++++++++++++
 tests/Makefile.am |  4 +++-
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 58688e10..bd8efaec 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -68,6 +68,12 @@ autotools-enable-valgrind-testing:
     INSTALL_EXTRA: libtool valgrind
     CONFIG_FLAGS: --enable-valgrind-testing
 
+autotools-enable-gcc-sanitizers:
+  extends: .autoconf
+  variables:
+    INSTALL_EXTRA: libtool
+    CONFIG_FLAGS: --enable-gcc-sanitizers
+
 scons:
   stage: build
   before_script:
diff --git a/configure.ac b/configure.ac
index 61b4cbdd..fb5d9b25 100644
--- a/configure.ac
+++ b/configure.ac
@@ -196,6 +196,18 @@ else
 fi
 CFLAGS="$CFLAGS $cflags_save"
 
+AC_ARG_ENABLE(gcc-sanitizers,
+    AS_HELP_STRING([--enable-gcc-sanitizers], [Enable GCC sanitizers]),
+    [ ac_enable_gcc_sanitizers=$enableval ], [ ac_enable_gcc_sanitizers=no] )
+
+if test "$GCC" && test "x${ac_enable_gcc_sanitizers}" = xyes; then
+  CFLAGS="${CFLAGS} -fsanitize=address -fsanitize=undefined -g"
+  LDFLAGS="${CFLAGS} -fsanitize=address"
+
+  TEST_ENV="env UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1"
+  AC_SUBST(TEST_ENV)
+fi
+
 cpu_x86_64=no
 cpu_x86_32=no
 cpu_arm=no
diff --git a/tests/Makefile.am b/tests/Makefile.am
index bcd60f92..e4c9183e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -10,7 +10,9 @@ THEORAENC_LIBS = $(THEORADIR)/libtheoraenc.la \
 		 $(THEORADIR)/libtheoradec.la $(OGG_LIBS)
 test: check
 
-LOG_COMPILER=$(LIBTOOL) --mode=execute $(VALGRIND)
+TEST_ENV = @TEST_ENV@
+
+LOG_COMPILER=$(LIBTOOL) --mode=execute $(VALGRIND) $(TEST_ENV)
 
 TESTS_DEC = noop_theora \
 	comment comment_theoradec comment_theora
-- 
GitLab