Re: write past end of buffer in vasnprintf() implementation of %f

From: Bruno Haible
Subject: Re: write past end of buffer in vasnprintf() implementation of %f
Date: Sun, 23 Sep 2018 14:37:46 +0200
User-agent: KMail/5.1.3 (Linux/4.4.0-134-generic; KDE/5.18.0; x86_64; ; )

Ben Pfaff wrote:
> CC='gcc -fsanitize=address -g -O0' ./gnulib-tool --test vasnprintf vasnprintf-posix

A couple of notes about this report:

1) The -O0 in the above command is ineffective. Reason: CFLAGS is '-O2 -g'
   by default, thus when a file gets compiled by $CC $CFLAGS, the -O2 always
   overrides the -O0.

   You need to write
     CC='gcc -fsanitize=address' CFLAGS='-g -O0'
   if you really want the -O0 to have an effect.

2) CC='gcc -fsanitize=address' modifies the result of the
   "checking whether printf supports the 'n' directive" test.

   Namely, the test program crashes with error
   "*** %n in writable segment detected ***".

3) CC='gcc -fsanitize=address' modifies also the result of the
   "checking whether printf survives out-of-memory conditions" test.

   Namely, when a large malloc() fails, the AddressSanitizer, instead
   of letting malloc() return NULL with errno set to ENOMEM, simply
   terminates the program with exit code 1. Gnulib's test in printf.m4 cannot
   distinguish a buggy malloc() from a buggy printf(); it notices that
   the program exits and concludes that printf is buggy.

   This failure has the effect of defining NEED_PRINTF_ENOMEM,
   NEED_PRINTF_DOUBLE, NEED_PRINTF_LONG_DOUBLE in config.h. They are usually
   not defined on glibc systems.
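
The build-level effects described in the message above, as an added example that is not part of the original message or of gnulib: `effective_opt` reports which `-O` option wins when a file is compiled as `$CC $CFLAGS` (GCC honours the last one given), and `printf_workarounds` lists which of the three macros named above a given config.h defines. The function names and the sample config.h contents are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# Print the -O option that takes effect for "$CC $CFLAGS".
# GCC honours the last -O option on the command line.
effective_opt() (
    set -f                      # no glob expansion while word-splitting
    level=none
    for word in $1 $2; do       # $1 = CC, $2 = CFLAGS, split on purpose
        case $word in
            -O*) level=$word ;;
        esac
    done
    printf '%s\n' "$level"
)

# Print each printf workaround macro named in the message that the
# given config.h actually defines (autoconf leaves "/* #undef X */" otherwise).
printf_workarounds() {
    for macro in NEED_PRINTF_ENOMEM NEED_PRINTF_DOUBLE NEED_PRINTF_LONG_DOUBLE; do
        if grep -Eq "^[[:space:]]*#[[:space:]]*define[[:space:]]+${macro}([[:space:]]|\$)" "$1"; then
            printf '%s\n' "$macro"
        fi
    done
}

# Constructed config.h fragments: one as a configure run whose printf
# probes failed would leave it, one as a run where they passed.
write_samples() {
    cat > "$1/skewed-config.h" <<'EOF'
#define NEED_PRINTF_DOUBLE 1
#define NEED_PRINTF_ENOMEM 1
#define NEED_PRINTF_LONG_DOUBLE 1
EOF
    cat > "$1/plain-config.h" <<'EOF'
/* #undef NEED_PRINTF_DOUBLE */
/* #undef NEED_PRINTF_ENOMEM */
/* #undef NEED_PRINTF_LONG_DOUBLE */
EOF
}

effective_opt 'gcc -fsanitize=address -g -O0' '-O2 -g'   # as reported: -O2
effective_opt 'gcc -fsanitize=address' '-g -O0'          # corrected: -O0
```

Running `printf_workarounds` on the config.h of a sanitizer build and of a plain build of the same tree shows whether the configure probes were perturbed before any test result is interpreted.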
