Summary of the problem
Hello manticore community,
I am working as part of a research team developing a code analysis tool for Python. One of the issues the tool discovered in manticore's codebase is that core.smtlib.operators.EXTRACT has the potential to throw uncaught OverflowError and MemoryError. These errors are caused by large values for the size argument.
If you are interested in learning more about the tool and how it found this issue, let me know down in the comments, or you can contact me at xifaras.s@northeastern.edu. We are primarily curious about whether you find that this issue is legitimate and worth reporting and fixing. If not, we would be interested in understanding why.
Thank you for your consideration!
-Sam
Manticore version
Latest master (commit hash: 8861005396ed3e25ecef9cd229e5319ae2fe2612)
Python version
Python 3.8
OS / Environment
Linux (kernel version 5.10.218)
Dependencies
N/A
Step to reproduce the behavior
Call EXTRACT with a large value for the size argument.
Expected behavior
Magnitude of size is appropriately limited.
Actual behavior
Traceback: