On Sat, May 16, 2020 at 12:47 PM Bruno Haible <br...@clisp.org> wrote: > > Tim Rühsen wrote: > > At GNU wget we have conditional cleanup functions. That is compilation > > with -DDEBUG_MALLOC in $CFLAGS will add those cleanup functions and they > > are called before wget exits. Handy for testing, but you have to build > > an extra executable. > > How about using an environment variable instead? You would set it in the > Automake variable TESTS_ENVIRONMENT. > > Then you would not need an extra executable, and the individual tests in > your testsuite do not need to me modified.
I can't speak for Tim and his projects, but I prefer to run a release build with diagnostics. Something like '-g2 -O3 -DNDEBUG -fsanitize=asan', install it, and then use it long term. One of the [many] reasons this is important is, it provides additional coverage beyond the test cases. In the wild I may encounter an attacker supplied input that tickles a problem, like a buffer overflow. Or I may encounter an otherwise benign input that tickles a problem. The folks who pursue tailored access do this sort of thing. Their methodologies are mature, and their attack trees are wide and deep. I have first hand knowledge of some of the tricks. Years ago I worked with a firm that sold exploit packages to Northrop Grumman Electronic Warfare division. Decades ago I worked with another firm that guarded US supercomputing centers. It had offensive capabilities to work back to determine the source of the attack. Jeff
