[LLVMbugs] [Bug 13713] Address Sanitizer misses a stack-buffer-overflow problem in JtR
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Tue Aug 28 07:42:17 PDT 2012
http://llvm.org/bugs/show_bug.cgi?id=13713
Kostya Serebryany <kcc at google.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
--- Comment #2 from Kostya Serebryany <kcc at google.com> 2012-08-28 09:42:17 CDT ---
Ah, simple.
HMAC_Final is a library function defined in openssl/hmac.h.
If you rebuild openssl with asan and link your code with this custom build
it is very likely that AddressSanitizer will catch this bug for you.
Or try drasan:
http://code.google.com/p/address-sanitizer/source/browse/trunk/dynamorio/README.txt
(no promises here, this is still experimental)
--
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the llvm-bugs
mailing list