CrowCpp
diff --git a/‎.github/workflows/build_and_test.yml‎
Lines changed: 35 additions & 2 deletions b/‎.github/workflows/build_and_test.yml‎
Lines changed: 35 additions & 2 deletions
diff --git a/‎.github/workflows/cifuzz.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/cifuzz.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/submit_coverage.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/submit_coverage.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎CMakeLists.txt‎
Lines changed: 4 additions & 1 deletion b/‎CMakeLists.txt‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎CMakePresets.json‎
Lines changed: 67 additions & 10 deletions b/‎CMakePresets.json‎
Lines changed: 67 additions & 10 deletions
diff --git a/‎CMakeUserPresets.json‎
Lines changed: 55 additions & 6 deletions b/‎CMakeUserPresets.json‎
Lines changed: 55 additions & 6 deletions
diff --git a/‎cmake/compiler_options.cmake‎
Lines changed: 21 additions & 0 deletions b/‎cmake/compiler_options.cmake‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎examples/CMakeLists.txt‎
Lines changed: 4 additions & 0 deletions b/‎examples/CMakeLists.txt‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎examples/helloworld_inject.cpp‎
Lines changed: 16 additions & 0 deletions b/‎examples/helloworld_inject.cpp‎
Lines changed: 16 additions & 0 deletions
@@ -137,7 +137,7 @@ jobs:
       shell: bash
 
     - name: Save report
-      uses: actions/upload-artifact@v6
+      uses: actions/upload-artifact@v7
       if: matrix.os == 'ubuntu-latest' && matrix.compiler == 'gcc' && matrix.cxx_stdlib == 'libstdc++' && matrix.asio_type == 'boost' && !startsWith(github.ref, 'refs/heads/v')
       with:
         name: coveralls.json
@@ -159,7 +159,7 @@ jobs:
       shell: bash
 
     - name: Upload Linux packages
-      uses: actions/upload-artifact@v6
+      uses: actions/upload-artifact@v7
       if: matrix.os == 'ubuntu-latest' && matrix.compiler == 'gcc' && matrix.cxx_stdlib == 'libstdc++' && matrix.asio_type == 'boost' && startsWith(github.ref, 'refs/heads/v')
       with:
         name: packages-linux
@@ -187,3 +187,36 @@ jobs:
         overwrite: true
         path: |
           ${{github.workspace}}/build/Crow-*
+
+  sanitize:
+    name: Sanitizer Tests (ASan + UBSan)
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v6
+
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -yq \
+          libasio-dev \
+          libssl-dev zlib1g-dev \
+          cmake g++
+
+    - name: Configure with sanitizers
+      run: |
+        cmake --preset ci-sanitize \
+          -DCROW_BUILD_TESTS=ON \
+          -DCROW_ENABLE_SSL=ON \
+          -DCROW_ENABLE_COMPRESSION=ON \
+          -DCROW_ENABLE_SANITIZERS=ON
+
+    - name: Build
+      run: cmake --build build/sanitize -j $(nproc)
+
+    - name: Test under sanitizers
+      working-directory: ${{github.workspace}}/build/sanitize
+      env:
+        ASAN_OPTIONS: "strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:detect_leaks=0"
+        UBSAN_OPTIONS: "print_stacktrace=1"
+      run: ctest --output-on-failure
+      
@@ -25,7 +25,7 @@ jobs:
         fuzz-seconds: 800
         output-sarif: true
     - name: Upload Crash
-      uses: actions/upload-artifact@v6
+      uses: actions/upload-artifact@v7
       if: failure() && steps.build.outcome == 'success'
       with:
         name: artifacts
 
@@ -16,7 +16,7 @@ jobs:
     if: github.event.workflow_run.conclusion == 'success'
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@v14
+        uses: dawidd6/action-download-artifact@v19
         with:
           workflow: ${{ github.event.workflow_run.workflow_id }}
           workflow_conclusion: success
 
@@ -47,6 +47,7 @@ find_package(Python3)
 option(CROW_BUILD_EXAMPLES     "Build the examples in the project"      ${CROW_IS_MAIN_PROJECT})
 option(CROW_BUILD_TESTS        "Build the tests in the project"         ${CROW_IS_MAIN_PROJECT})
 option(CROW_BUILD_FUZZER       "Instrument and build Crow fuzzer"       OFF)
+option(CROW_ENABLE_SANITIZERS  "Enable sanitizers (ASan, UBSan) for test builds" OFF)
 option(CROW_AMALGAMATE         "Combine all headers into one"           OFF)
 option(CROW_INSTALL            "Add install step for Crow"              ON )
 option(CROW_USE_BOOST          "Use Boost.Asio for Crow"                OFF)
@@ -114,7 +115,9 @@ if(CROW_USE_BOOST)
 	if(Boost_VERSION VERSION_LESS 1.89)
 		find_package(Boost 1.64 COMPONENTS system REQUIRED)
 	else()
-		add_library(Boost::system ALIAS Boost::headers)
+		if(NOT TARGET Boost::system)
+			add_library(Boost::system ALIAS Boost::headers)
+		endif()
 	endif()
 	target_link_libraries(Crow
 		INTERFACE
 
@@ -12,7 +12,7 @@
       "warnings": {
         "dev": true,
         "deprecated": true,
-        "uninitialized": true,
+        "uninitialized": false,
         "unusedCli": true,
         "systemVars": false
       },
@@ -81,7 +81,10 @@
     },
     {
       "name": "ci-linux",
-      "inherits": ["flags-gcc-clang", "ci-std"],
+      "inherits": [
+        "flags-gcc-clang",
+        "ci-std"
+      ],
       "generator": "Unix Makefiles",
       "hidden": true,
       "cacheVariables": {
@@ -90,13 +93,19 @@
     },
     {
       "name": "ci-darwin",
-      "inherits": ["flags-appleclang", "ci-std"],
+      "inherits": [
+        "flags-appleclang",
+        "ci-std"
+      ],
       "generator": "Xcode",
       "hidden": true
     },
     {
       "name": "ci-win64",
-      "inherits": ["flags-msvc", "ci-std"],
+      "inherits": [
+        "flags-msvc",
+        "ci-std"
+      ],
       "generator": "Visual Studio 17 2022",
       "architecture": "x64",
       "hidden": true
@@ -116,15 +125,21 @@
     },
     {
       "name": "ci-coverage",
-      "inherits": ["coverage-linux", "dev-mode"],
+      "inherits": [
+        "coverage-linux",
+        "dev-mode"
+      ],
       "cacheVariables": {
         "COVERAGE_HTML_COMMAND": ""
       }
     },
     {
       "name": "ci-sanitize",
       "binaryDir": "${sourceDir}/build/sanitize",
-      "inherits": ["ci-linux", "dev-mode"],
+      "inherits": [
+        "ci-linux",
+        "dev-mode"
+      ],
       "cacheVariables": {
         "CMAKE_BUILD_TYPE": "Sanitize",
         "CMAKE_CXX_FLAGS_SANITIZE": "-U_FORTIFY_SOURCE -O2 -g -fsanitize=address,undefined -fno-omit-frame-pointer -fno-common"
@@ -145,15 +160,57 @@
     },
     {
       "name": "ci-macos",
-      "inherits": ["ci-build", "ci-darwin", "dev-mode", "ci-multi-config"]
+      "inherits": [
+        "ci-build",
+        "ci-darwin",
+        "dev-mode",
+        "ci-multi-config"
+      ]
     },
     {
       "name": "ci-ubuntu",
-      "inherits": ["ci-build", "ci-linux", "clang-tidy", "cppcheck", "dev-mode"]
+      "inherits": [
+        "ci-build",
+        "ci-linux",
+        "clang-tidy",
+        "cppcheck",
+        "dev-mode"
+      ]
     },
     {
       "name": "ci-windows",
-      "inherits": ["ci-build", "ci-win64", "dev-mode", "ci-multi-config"]
+      "inherits": [
+        "ci-build",
+        "ci-win64",
+        "dev-mode",
+        "ci-multi-config"
+      ]
+    }
+  ],
+  "buildPresets": [
+    {
+      "name": "ci-sanitize",
+      "configurePreset": "ci-sanitize",
+      "configuration": "Sanitize",
+      "jobs": 4
+    }
+  ],
+  "testPresets": [
+    {
+      "name": "ci-sanitize",
+      "configurePreset": "ci-sanitize",
+      "configuration": "Sanitize",
+      "output": {
+        "outputOnFailure": true
+      },
+      "execution": {
+        "jobs": 4,
+        "noTestsAction": "error"
+      },
+      "environment": {
+        "ASAN_OPTIONS": "strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:detect_leaks=0",
+        "UBSAN_OPTIONS": "print_stacktrace=1"
+      }
     }
   ]
-}
+}
@@ -9,15 +9,22 @@
     {
       "name": "dev-common",
       "hidden": true,
-      "inherits": ["dev-mode", "clang-tidy", "cppcheck"],
+      "inherits": [
+        "dev-mode",
+        "clang-tidy",
+        "cppcheck"
+      ],
       "cacheVariables": {
         "BUILD_MCSS_DOCS": "ON"
       }
     },
     {
       "name": "dev-linux",
       "binaryDir": "${sourceDir}/build/dev-linux",
-      "inherits": ["dev-common", "ci-linux"],
+      "inherits": [
+        "dev-common",
+        "ci-linux"
+      ],
       "cacheVariables": {
         "CMAKE_BUILD_TYPE": "Debug",
         "CMAKE_EXPORT_COMPILE_COMMANDS": "ON"
@@ -26,12 +33,18 @@
     {
       "name": "dev-darwin",
       "binaryDir": "${sourceDir}/build/dev-darwin",
-      "inherits": ["dev-common", "ci-darwin"]
+      "inherits": [
+        "dev-common",
+        "ci-darwin"
+      ]
     },
     {
       "name": "dev-win64",
       "binaryDir": "${sourceDir}/build/dev-win64",
-      "inherits": ["dev-common", "ci-win64"],
+      "inherits": [
+        "dev-common",
+        "ci-win64"
+      ],
       "environment": {
         "UseMultiToolTask": "true",
         "EnforceProcessCountAcrossBuilds": "true"
@@ -45,7 +58,21 @@
     {
       "name": "dev-coverage",
       "binaryDir": "${sourceDir}/build/coverage",
-      "inherits": ["dev-mode", "coverage-linux"]
+      "inherits": [
+        "dev-mode",
+        "coverage-linux"
+      ]
+    },
+    {
+      "name": "dev-sanitize",
+      "binaryDir": "${sourceDir}/build/sanitize",
+      "inherits": [
+        "dev-mode",
+        "ci-sanitize"
+      ],
+      "cacheVariables": {
+        "CMAKE_EXPORT_COMPILE_COMMANDS": "ON"
+      }
     }
   ],
   "buildPresets": [
@@ -54,6 +81,12 @@
       "configurePreset": "dev",
       "configuration": "Debug",
       "jobs": 10
+    },
+    {
+      "name": "dev-sanitize",
+      "configurePreset": "dev-sanitize",
+      "configuration": "Sanitize",
+      "jobs": 10
     }
   ],
   "testPresets": [
@@ -68,6 +101,22 @@
         "jobs": 10,
         "noTestsAction": "error"
       }
+    },
+    {
+      "name": "dev-sanitize",
+      "configurePreset": "dev-sanitize",
+      "configuration": "Sanitize",
+      "output": {
+        "outputOnFailure": true
+      },
+      "execution": {
+        "jobs": 10,
+        "noTestsAction": "error"
+      },
+      "environment": {
+        "ASAN_OPTIONS": "strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:detect_leaks=0",
+        "UBSAN_OPTIONS": "print_stacktrace=1"
+      }
     }
   ]
-}
+}
@@ -49,3 +49,24 @@ function(add_warnings_optimizations target_name)
     )
   endif()
 endfunction()
+
+# Sanitizer flags for test builds (ASan + UBSan)
+function(add_sanitizer_flags target_name)
+  if(CROW_ENABLE_SANITIZERS)
+    if(MSVC)
+      # MSVC supports /fsanitize=address but not UBSan
+      target_compile_options(${target_name} PRIVATE /fsanitize=address)
+    elseif(NOT "${CMAKE_SYSTEM_NAME}" STREQUAL "Android")
+      target_compile_options(${target_name}
+        PRIVATE
+          -fsanitize=address,undefined
+          -fno-omit-frame-pointer
+          -fno-common
+      )
+      target_link_options(${target_name}
+        PRIVATE
+          -fsanitize=address,undefined
+      )
+    endif()
+  endif()
+endfunction()
@@ -7,6 +7,10 @@ add_executable(helloworld helloworld.cpp)
 add_warnings_optimizations(helloworld)
 target_link_libraries(helloworld PUBLIC Crow::Crow)
 
+add_executable(helloworld_inject helloworld_inject.cpp)
+add_warnings_optimizations(helloworld_inject)
+target_link_libraries(helloworld_inject PUBLIC Crow::Crow)
+
 # If compression is enabled, the example will be built
 if("compression" IN_LIST CROW_FEATURES)
   add_executable(example_compression example_compression.cpp)
 
@@ -0,0 +1,16 @@
+#include "crow.h"
+
+int main()
+{
+    crow::SimpleApp app;
+
+    CROW_ROUTE(app, "/")
+    ([](const crow::request &req, crow::response& res) {
+        res.write("Hello, world!");
+        res.set_header("X-Custom", "safe\r\nInjected: yes");
+        res.end();
+        //return "Hello, world!";
+    });
+
+    app.port(18080).run();
+}