Re: glob() undefined sanitizer triggers
From: Tim Rühsen
Subject: Re: glob() undefined sanitizer triggers
Date: Wed, 18 Oct 2017 21:29:21 +0200
User-agent: KMail/5.2.3 (Linux/4.13.0-1-amd64; KDE/5.37.0; x86_64; ; )
On Wednesday, 18 October 2017 10:22:56 CEST Paul Eggert wrote:
> Although I don't think that will cause a problem for glob.c on
> production platforms, we might as well pacify the fuzzer. I installed
> the attached.
Thanks, Paul!
Now that the fuzzer goes on, I get a stack overflow in glob.c, likely not
related to your changes.
AddressSanitizer:DEADLYSIGNAL
=================================================================
==15015==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc35d29e40 (pc
0x000000549e74 bp 0x7ffc35d2aa30 sp 0x7ffc35d29e40 T0)
#0 0x549e73 in rpl_glob /home/tim/src/wget2/lib/glob.c:263
#1 0x54e71f in rpl_glob /home/tim/src/wget2/lib/glob.c:558:21
#2 0x54e71f in rpl_glob /home/tim/src/wget2/lib/glob.c:558:21
... repeating lines with increasing numbers ...
#249 0x54e71f in rpl_glob /home/tim/src/wget2/lib/glob.c:558:21
SUMMARY: AddressSanitizer: stack-overflow /home/tim/src/wget2/lib/glob.c:263 in
rpl_glob
==15015==ABORTING
MS: 0 ; base unit: 0000000000000000000000000000000000000000
0x63,0x6f,0x6e,0x66,0x69,0x67,0x3d,0x2a,0x31,0x0,0x65,
config=*1\x00e
So basically it is
glob("*1\x00e", GLOB_TILDE|GLOB_ONLYDIR|GLOB_NOCHECK, NULL, &pglob)
The directory itself does contain ~165 files, including subdirs there are
~22.250 files. But I guess that doesn't matter.
Again, not much time any more (dog waits for his walk).
But I can try to reproduce tomorrow and maybe write a small stand-alone
reproducer.
Regards, Tim
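A stand-alone harness for the call quoted above, added here as an example; it is not Tim's reproducer and not code from wget2 or gnulib. It links the system glob(), not gnulib's rpl_glob, so it is not expected to overflow the stack; what it shows is what that call actually receives: glob() takes a NUL-terminated pattern, so the fuzzer bytes "*1\x00e" reach it as "*1", and with GLOB_NOCHECK an unmatched pattern is handed straight back as the single result. The temp directory name, the helper names and the "x1" subdirectory are assumptions of this example; the GLOB_* fallback values are glibc's.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE          /* GLOB_TILDE / GLOB_ONLYDIR are GNU extensions */
#endif
#include <glob.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Fallbacks with glibc's bit values, in case the feature macros were fixed
   before this file was included (assumption: glibc's <glob.h>). */
#ifndef GLOB_TILDE
#define GLOB_TILDE   (1 << 12)
#endif
#ifndef GLOB_ONLYDIR
#define GLOB_ONLYDIR (1 << 13)
#endif

/* The pattern bytes from the fuzzer unit, "*1\x00e", embedded NUL included
   (constructed here from the hex dump in the report). */
static const char fuzz_pattern[] = { '*', '1', '\0', 'e', '\0' };

/* glob() takes a C string, so everything after the first NUL is invisible
   to it: the pattern it actually processes is "*1" (length 2). */
size_t effective_pattern_len(void)
{
    return strlen(fuzz_pattern);
}

/* Run glob() with the flags from the report inside a fresh temporary
   directory.  If with_subdir is nonzero, a subdirectory "x1" is created
   first so the pattern has a real match; otherwise the directory is empty
   and GLOB_NOCHECK makes glob() return the pattern itself.
   Returns gl_pathc (number of results), or -1 on a setup/glob error, and
   copies the first result into out. */
int run_glob_in_tmpdir(int with_subdir, char *out, size_t outlen)
{
    char tmpl[] = "/tmp/glob-repro.XXXXXX";   /* assumed writable location */
    char cwd[4096];
    glob_t pglob;
    int rc, count = -1;

    if (!getcwd(cwd, sizeof cwd) || !mkdtemp(tmpl) || chdir(tmpl) != 0)
        return -1;
    if (with_subdir && mkdir("x1", 0700) != 0)
        goto cleanup;

    memset(&pglob, 0, sizeof pglob);
    rc = glob(fuzz_pattern, GLOB_TILDE | GLOB_ONLYDIR | GLOB_NOCHECK,
              NULL, &pglob);
    if (rc == 0) {
        count = (int) pglob.gl_pathc;
        if (count > 0 && out && outlen > 0) {
            strncpy(out, pglob.gl_pathv[0], outlen - 1);
            out[outlen - 1] = '\0';
        }
        globfree(&pglob);
    } else {
        fprintf(stderr, "glob() failed: rc=%d\n", rc);
    }

cleanup:
    if (with_subdir)
        rmdir("x1");
    if (chdir(cwd) == 0)
        rmdir(tmpl);
    return count;
}

int main(void)
{
    char first[64] = "";
    printf("effective pattern length: %zu\n", effective_pattern_len());
    int n = run_glob_in_tmpdir(0, first, sizeof first);
    printf("empty dir:   %d result(s), first = \"%s\"\n", n, first);
    n = run_glob_in_tmpdir(1, first, sizeof first);
    printf("with subdir: %d result(s), first = \"%s\"\n", n, first);
    return 0;
}
```

To turn this into a reproducer for the reported trace, the same call would have to be built against gnulib's lib/glob.c (so that rpl_glob is the function reached) and run from the directory the fuzzer was using; the harness above only fixes the inputs and the flag set.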