ramosian-glider / sanitizers


Improve the strlen reports on OOB #156

Closed ramosian-glider closed 9 years ago

ramosian-glider commented 9 years ago

Originally reported on Google Code with ID 155

Example:

#include <string.h>

// Assumed helper: hides the pointer from the optimizer so strlen() is really called.
__attribute__((noinline)) const volatile char *ident(const volatile char *p) { return p; }

int main(void) {
  volatile char str[6] = "Hello";
  str[5] = '!';  // No '\0' at the end!
  volatile int len = strlen((const char*)ident(str));  // scans past the buffer
}

-> Currently reports
READ of size 17 at 0x002ffb00 thread T0
as of r174376

Probably we should call strnlen instead of strlen in the interceptor?

Reported by timurrrr@google.com on 2013-02-08 09:30:23

ramosian-glider commented 9 years ago
(Not sure what I meant by "Chrome". Probably a brain memory corruption?)

Reported by timurrrr@google.com on 2013-02-08 09:30:59

ramosian-glider commented 9 years ago
So, per offline discussion, this seems unfeasible, as it will slow down strlen().
If we agree on that, I could revert to the old behaviour for strlen (and strchr, etc):
report 1-byte access at the first unaddressable location.

Reported by eugenis@google.com on 2013-02-08 14:51:56

ramosian-glider commented 9 years ago
We can use strnlen on per-page basis without significant overhead.

Reported by timurrrr@google.com on 2013-02-08 16:06:25
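An added model of the two reporting strategies discussed in the comments above (not the sanitizer's own interceptor code): the whole-range check that yields "READ of size 17", beside a per-chunk strnlen-style check that reports a 1-byte read at the first unaddressable byte. `byte_ok` is a toy stand-in for shadow memory, `CHUNK` stands in for a page, and `bounded_len` stands in for strnlen; the buffer is constructed.

```c
#include <stdio.h>
#include <string.h>

/* What the interceptor would report: offset of the access and its size. */
typedef struct { size_t offset; size_t size; } report_t;

/* Toy shadow memory: only the first `addressable` bytes of s are valid. */
static int byte_ok(size_t off, size_t addressable) { return off < addressable; }

/* Stand-in for strnlen(3) so the block builds under strict -std=c99. */
static size_t bounded_len(const char *s, size_t max) {
  size_t n = 0;
  while (n < max && s[n] != '\0') n++;
  return n;
}

/* Behaviour described in the report: run the real strlen first, then check the
 * whole [s, s+len+1) range, so one bad byte becomes "READ of size len+1" at s. */
static int strlen_whole_range(const char *s, size_t addressable, report_t *r) {
  size_t len = strlen(s);                    /* has already scanned past the end */
  for (size_t i = 0; i <= len; i++)
    if (!byte_ok(i, addressable)) { r->offset = 0; r->size = len + 1; return -1; }
  return (int)len;
}

/* Proposal from the thread: scan one chunk at a time (CHUNK stands in for a page)
 * and validate it before going on, so the report is a 1-byte read at the first bad byte. */
#define CHUNK 8
static int strlen_per_chunk(const char *s, size_t addressable, report_t *r) {
  for (size_t off = 0;; off += CHUNK) {
    size_t n = bounded_len(s + off, CHUNK);
    size_t touched = (n < CHUNK) ? n + 1 : CHUNK;   /* bytes this scan read */
    for (size_t i = off; i < off + touched; i++)
      if (!byte_ok(i, addressable)) { r->offset = i; r->size = 1; return -1; }
    if (n < CHUNK) return (int)(off + n);
  }
}

int main(void) {
  /* Constructed memory: 6 addressable bytes "Hello!", no terminator, redzone '\0' at offset 16. */
  static const char mem[32] = "Hello!XXXXXXXXXX";
  report_t r;
  if (strlen_whole_range(mem, 6, &r) < 0)
    printf("whole-range check: READ of size %zu at offset %zu\n", r.size, r.offset);
  if (strlen_per_chunk(mem, 6, &r) < 0)
    printf("per-chunk check:   READ of size %zu at offset %zu\n", r.size, r.offset);
  return 0;
}
```

The first check prints a 17-byte read at offset 0, matching the report in this issue; the second prints a 1-byte read at offset 6, the first byte past the buffer.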

ramosian-glider commented 9 years ago
Are we doing anything here?

Reported by konstantin.s.serebryany on 2013-02-15 13:03:56

ramosian-glider commented 9 years ago
I for one am perfectly fine with the current behaviour.
Shall we reassign or even close this bug?

Reported by eugenis@google.com on 2013-02-15 13:05:36

ramosian-glider commented 9 years ago

Reported by konstantin.s.serebryany on 2013-02-15 13:11:35

ramosian-glider commented 9 years ago
I think the way it is reported now will confuse our users.

Reported by timurrrr@google.com on 2013-02-15 13:11:57

ramosian-glider commented 9 years ago
Adding Project:AddressSanitizer as part of GitHub migration.

Reported by ramosian.glider on 2015-07-30 09:13:40