Skip Menu |
 

This queue is for tickets about the Convert-Binary-C CPAN distribution.

Report information
The Basics
Id: 83171
Status: stalled
Priority: 0/
Queue: Convert-Binary-C

People
Owner: Nobody in particular
Requestors: RURBAN [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Unimportant
Broken in: 0.76
Fixed in: (no value)



Subject: member_expr_walker_new heap-buffer-overflow with AddressSanitizer
Download (untitled) / with headers
text/plain 497b
https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer does not understand the redefinition of the stack var me to the heap in member_expr_walker_new(): Newc(0, me, offsetof(struct member_expr, buf) + len + 1, char, struct member_expr); me->startup = 1; => heap-buffer-overflow I tried to set the __attribute__((no_address_safety_analysis)) to this function, but it did not work. The whole trick smells, but valgrind accepts it. So I guess we have to live with it. -- Reini Urban
Download (untitled) / with headers
text/plain 731b
On Wed Feb 06 14:03:19 2013, RURBAN wrote: Show quoted text
> https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer does > not understand the redefinition of the stack var me to the heap in > member_expr_walker_new(): > Newc(0, me, offsetof(struct member_expr, buf) + len + 1, char, struct > member_expr); > me->startup = 1; => heap-buffer-overflow > > I tried to set the > __attribute__((no_address_safety_analysis)) > to this function, but it did not work. > > The whole trick smells, but valgrind accepts it. > So I guess we have to live with it.
Mmmh, odd. I don't see much wrong with the code (I wouldn't necessarily write it like this anymore, but hey). Any chance you could check if ASAN is still unhappy with it? Thanks!


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.