[cfe-dev] Asan fails to report global buffer overflow if global buffer is not initialized
Shi, Steven via cfe-dev
cfe-dev at lists.llvm.org
Wed Oct 19 03:25:25 PDT 2016
Hi Kcc,
I find both clang and gcc fail to report global buffer overflow if global buffer is not initialized. Below is my test code and build commands. Please advise.
#include <stdio.h>

int global_array[11];

int main(int argc, char **argv) {
    int Num;
    Num = 11;
    global_array[Num] = 0x87654321; // global buffer overflow
    printf("global_array[%d]=0x%x\n", Num, global_array[Num]);
    return global_array[Num];
}
$ clang global.c -fsanitize=address -g -O0
$ ./a.out
global_array[11]=0x87654321

$ gcc-5 global.c -fsanitize=address -g -O0
$ ./a.out
global_array[11]=0x87654321
But both clang and gcc can report the global buffer overflow if the global buffer's first item is initialized, as below.

#include <stdio.h>

int global_array[11] = {0};

int main(int argc, char **argv) {
    int Num;
    Num = 11;
    global_array[Num] = 0x87654321; // global buffer overflow
    printf("global_array[%d]=0x%x\n", Num, global_array[Num]);
    return global_array[Num];
}
$ clang global.c -fsanitize=address -g -O0
$ ./a.out
=================================================================
==12162==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013808ec at pc 0x0000004eede1 bp 0x7ffe2ae3a490 sp 0x7ffe2ae3a488
WRITE of size 4 at 0x0000013808ec thread T0
#0 0x4eede0 in main /home/jshi19/sanitizer/MSVS_GS_Compare/global.c:41:21
#1 0x7f83c62a582f in __libc_start_main /build/glibc-GKVZIf/glibc-2.23/csu/../csu/libc-start.c:291
#2 0x419228 in _start (/home/jshi19/sanitizer/MSVS_GS_Compare/a.out+0x419228)
....
Steven Shi
Intel\SSG\STO\UEFI Firmware
Tel: +86 021-61166522
iNet: 821-6522
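As an added example (not from the original post), a POSIX shell script that checks how `global_array` is emitted (`nm` type `C` for a COMMON symbol versus `B` for an ordinary .bss object) and whether ASan reports the overflow with and without `-fno-common`, the flag that turns the tentative definition `int global_array[11];` into a global ASan can redzone. It assumes clang or gcc, nm and mktemp are on PATH, and prints "skipped" for any step that is unavailable.

```shell
#!/bin/sh
# Added example, not the post's code. "int global_array[11];" is a C tentative
# definition; GCC before 10 and Clang before 11 emit it as a COMMON symbol (nm
# type 'C'), which the linker may merge and which ASan therefore does not redzone.
# "= {0}" makes it an ordinary .bss object (type 'B'); -fno-common does the same.
set -u
# pick_cc: print the compiler to use ($CC, else clang, else gcc), or nothing.
pick_cc() {
    for c in ${CC:-} clang gcc; do
        command -v "$c" >/dev/null 2>&1 && { echo "$c"; return; }
    done
}
# classify_symbol LINE: map one `nm` output line to common / bss / data / other.
classify_symbol() {
    set -- $1
    case $# in 3) t=$2 ;; 2) t=$1 ;; *) echo other; return ;; esac
    case $t in C) echo common ;; B|b) echo bss ;; D|d) echo data ;; *) echo other ;; esac
}
# symbol_kind SRC NAME [CFLAGS...]: compile SRC to an object, classify NAME via nm.
symbol_kind() {
    src=$1; name=$2; shift 2; cc=$(pick_cc); obj=$(mktemp)
    if [ -z "$cc" ] || ! command -v nm >/dev/null 2>&1 ||
       ! "$cc" -c "$src" "$@" -o "$obj" >/dev/null 2>&1; then
        rm -f "$obj"; echo skipped; return
    fi
    classify_symbol "$(nm "$obj" | grep -w "$name" || echo '')"
    rm -f "$obj"
}
# asan_result SRC [CFLAGS...]: build with ASan and run; print "reported" if a
# global-buffer-overflow was flagged, "silent" on a clean run, else "skipped".
asan_result() {
    src=$1; shift; cc=$(pick_cc); exe=$(mktemp)
    if [ -z "$cc" ] || ! "$cc" "$src" -fsanitize=address -g -O0 "$@" -o "$exe" >/dev/null 2>&1; then
        rm -f "$exe"; echo skipped; return
    fi
    out=$("$exe" 2>&1) && st=0 || st=$?
    rm -f "$exe"
    case $out in
        *global-buffer-overflow*) echo reported ;;
        *) [ "$st" -eq 0 ] && echo silent || echo skipped ;;   # non-zero without a report: ASan runtime failed
    esac
}
# Constructed copy of the post's uninitialised test program (exits 0 when undetected).
DIR=$(mktemp -d); SRC=$DIR/global.c
cat > "$SRC" <<'EOF'
int global_array[11];
int main(void) { volatile int n = 11; global_array[n] = 0x87654321; return 0; }
EOF
echo "symbol  default: $(symbol_kind "$SRC" global_array)  -fno-common: $(symbol_kind "$SRC" global_array -fno-common)"
echo "asan    default: $(asan_result "$SRC")  -fno-common: $(asan_result "$SRC" -fno-common)"
```

On a toolchain that still defaults to `-fcommon` the first column shows `common` and `silent`, matching the post; the `-fno-common` column shows `bss` and `reported`.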