[llvm-bugs] [Bug 44608] New: UBsan warns on access to 0 sized arrays in union
via llvm-bugs
llvm-bugs at lists.llvm.org
Tue Jan 21 10:43:09 PST 2020
https://bugs.llvm.org/show_bug.cgi?id=44608
Bug ID: 44608
Summary: UBsan warns on access to 0 sized arrays in union
Product: new-bugs
Version: unspecified
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: manojgupta at google.com
CC: htmldeveloper at gmail.com, llvm-bugs at lists.llvm.org
Copied from Chrome OS bug
https://bugs.chromium.org/p/chromium/issues/detail?id=1043405
One of the programs in Chrome OS uses a 0 sized array inside a union.
ubsan errors on oob accesses to this member. Given that this array is 0 sized,
should accesses to it be treated differently?
Relevant struct snippet from
https://chromium.git.corp.google.com/chromiumos/platform/vboot_reference/+/f5367d598a985520a8c935f68ac90d295c7b8d8e/firmware/2lib/include/2sha.h
struct vb2_hash {
/* enum vb2_hash_algorithm. Fixed width for serialization.
Single byte to avoid endianness issues. */
uint8_t algo;
/* Padding to align and to match existing CBFS attribute. */
uint8_t reserved[3];
/* The actual digest. Can add new types here as required. */
union {
uint8_t raw[0]; // triggers ubsan oob checks
#if VB2_SUPPORT_SHA1
uint8_t sha1[VB2_SHA1_DIGEST_SIZE];
#endif
#if VB2_SUPPORT_SHA256
uint8_t sha256[VB2_SHA256_DIGEST_SIZE];
#endif
#if VB2_SUPPORT_SHA512
uint8_t sha512[VB2_SHA512_DIGEST_SIZE];
#endif
} bytes; /* This has a name so that it's easy to sizeof(). */
};
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20200121/5bb3f744/attachment.html>
More information about the llvm-bugs
mailing list