Re: write past end of buffer in vasnprintf() implementation of %f
From: Bruno Haible
Subject: Re: write past end of buffer in vasnprintf() implementation of %f
Date: Sun, 23 Sep 2018 14:37:46 +0200
User-agent: KMail/5.1.3 (Linux/4.4.0-134-generic; KDE/5.18.0; x86_64; ; )

Ben Pfaff wrote:
> CC='gcc -fsanitize=address -g -O0' ./gnulib-tool --test vasnprintf
> vasnprintf-posix
A couple of notes about this report:
1) The -O0 in the above command is ineffective. Reason: CFLAGS is '-O2 -g'
by default, thus when a file gets compiled by $CC $CFLAGS, the -O2 always
overrides the -O0.
You need to write
CC='gcc -fsanitize=address' CFLAGS='-g -O0'
if you really want the -O0 to have an effect.
2) CC='gcc -fsanitize=address' modifies the result of the
"checking whether printf supports the 'n' directive" test.
Namely, the test program crashes with error
"*** %n in writable segment detected ***".
3) CC='gcc -fsanitize=address' modifies also the result of the
"checking whether printf survives out-of-memory conditions" test.
Namely, when a large malloc() fails, the AddressSanitizer, instead
of letting malloc() return NULL with errno set to ENOMEM, simply
terminates the program with exit code 1. Gnulib's test in printf.m4 cannot
distinguish a buggy malloc() from a buggy printf(); it notices that
the program exits and concludes that printf is buggy.
This failure has the effect of defining NEED_PRINTF_ENOMEM,
NEED_PRINTF_DOUBLE, NEED_PRINTF_LONG_DOUBLE in config.h. They are usually
not defined on glibc systems.
Bruno
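
Added example, not part of the message above or of gnulib: a pre-flight check for a sanitizer test run, covering notes 1 and 3. It assumes GCC's rule that the last -O option on the command line wins; the function names and the two config.h excerpts are constructed for illustration.

```shell
#!/bin/sh
# Print the optimization flag in effect when a file is compiled as
# $CC $CFLAGS (assumption: the last -O option on the line wins, and
# GCC's default without any -O option is -O0).
effective_opt() (
    set -f                      # no globbing while word-splitting
    last=
    for word in $1 $2; do       # unquoted on purpose: split into words
        case $word in
            -O*) last=$word ;;
        esac
    done
    printf '%s\n' "${last:--O0}"
)

# Read config.h text on stdin and list the NEED_PRINTF_* macros it
# defines. Lines such as "/* #undef NEED_PRINTF_ENOMEM */" do not match.
need_printf_macros() {
    sed -n 's/^#[[:space:]]*define[[:space:]]\{1,\}\(NEED_PRINTF_[A-Z_]*\).*/\1/p' |
        sort | paste -s -d ' ' -
}

# Constructed config.h excerpt: what note 3 describes for an ASan build.
sample_asan_config() {
    cat <<'EOF'
#define NEED_PRINTF_DOUBLE 1
#define NEED_PRINTF_ENOMEM 1
#define NEED_PRINTF_LONG_DOUBLE 1
EOF
}

# Constructed config.h excerpt: the usual result on a glibc system.
sample_plain_config() {
    cat <<'EOF'
/* #undef NEED_PRINTF_DOUBLE */
/* #undef NEED_PRINTF_ENOMEM */
/* #undef NEED_PRINTF_LONG_DOUBLE */
EOF
}

echo "reported command: $(effective_opt 'gcc -fsanitize=address -g -O0' '-O2 -g')"
echo "corrected command: $(effective_opt 'gcc -fsanitize=address' '-g -O0')"
echo "ASan build defines: $(sample_asan_config | need_printf_macros)"
echo "plain build defines: $(sample_plain_config | need_printf_macros)"
```

Against a real test directory, feed the generated config.h to `need_printf_macros` on stdin; a non-empty list on a glibc system means the run exercised gnulib's replacement code paths rather than the ones a normal build would use.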