bug-indent

Invalid memory reads / heap overflows in indent


From: Hanno Böck
Subject: Invalid memory reads / heap overflows in indent
Date: Thu, 7 May 2015 22:13:28 +0200

Hi,

When compiling indent with address sanitizer (add -fsanitize=address to
CFLAGS) it shows several invalid memory accesses / heap overflows.

The simplest one is on an empty file:
==8614==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000ef2f at pc 0x0000004f8074 bp 0x7fff09efcd10 sp 0x7fff09efcd08
READ of size 1 at 0x60200000ef2f thread T0
    #0 0x4f8073 in read_file /f/indent-2.2.11/src/code_io.c:342:9
    #1 0x4de558 in indent_single_file /f/indent-2.2.11/src/indent.c:937:25
    #2 0x4de558 in indent_all /f/indent-2.2.11/src/indent.c:992
    #3 0x4de558 in main /f/indent-2.2.11/src/indent.c:1054
    #4 0x7f60c65b2f9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r2/work/glibc-2.20/csu/libc-start.c:289
    #5 0x4375e6 in _start (/mnt/ram/indent/indent+0x4375e6)

Also on a file simply containing a closing }:
==13768==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000efcc at pc 0x0000004f51a4 bp 0x7fff213e2930 sp 0x7fff213e2928
READ of size 4 at 0x60200000efcc thread T0
    #0 0x4f51a3 in parse /f/indent-2.2.11/src/parse.c:465:17
    #1 0x510220 in handle_token_rbrace /f/indent-2.2.11/src/handletoken.c:1262:9
    #2 0x510220 in handle_the_token /f/indent-2.2.11/src/handletoken.c:2238
    #3 0x4e1da3 in indent_main_loop /f/indent-2.2.11/src/indent.c:628:9
    #4 0x4e1da3 in indent /f/indent-2.2.11/src/indent.c:715
    #5 0x4de75f in indent_single_file /f/indent-2.2.11/src/indent.c:960:19
    #6 0x4de75f in indent_all /f/indent-2.2.11/src/indent.c:992
    #7 0x4de75f in main /f/indent-2.2.11/src/indent.c:1054
    #8 0x7f256664bf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r2/work/glibc-2.20/csu/libc-start.c:289
    #9 0x4375e6 in _start (/mnt/ram/indent/indent+0x4375e6)

I've attached a sample file and full address sanitizer output.

cu,
-- 
Hanno Böck
http://hboeck.de/

mail/jabber: address@hidden
GPG: BBB51E42

Attachment: indent-heap-overflow-parse.asan.txt
Description: Text document

Attachment: indent-heap-overflow-parse.c
Description: Text Data

Attachment: indent-heap-overflow-read_file.asan.txt
Description: Text document

Attachment: pgpmSWm6VR9rq.pgp
Description: OpenPGP digital signature
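Added example, not part of the report above or of the indent project: a small triage helper that parses AddressSanitizer reports of the shape quoted in the mail and reduces each to the first stack frame inside the project tree, so that crashes from a sanitizer or fuzzing run can be de-duplicated by crash site rather than by raw addresses. It assumes the source root /f/indent-2.2.11/ seen in the traces; the two embedded reports are re-typed from the mail as constructed test input.

```python
import re
from dataclasses import dataclass

# Constructed test input: the two ASan reports quoted in the mail above,
# re-typed with wrapped lines rejoined and some middle frames trimmed.
REPORT_EMPTY_FILE = """\
==8614==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000ef2f at pc 0x0000004f8074 bp 0x7fff09efcd10 sp 0x7fff09efcd08
READ of size 1 at 0x60200000ef2f thread T0
    #0 0x4f8073 in read_file /f/indent-2.2.11/src/code_io.c:342:9
    #1 0x4de558 in indent_single_file /f/indent-2.2.11/src/indent.c:937:25
    #4 0x7f60c65b2f9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r2/work/glibc-2.20/csu/libc-start.c:289
    #5 0x4375e6 in _start (/mnt/ram/indent/indent+0x4375e6)
"""
REPORT_RBRACE = """\
==13768==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000efcc at pc 0x0000004f51a4 bp 0x7fff213e2930 sp 0x7fff213e2928
READ of size 4 at 0x60200000efcc thread T0
    #0 0x4f51a3 in parse /f/indent-2.2.11/src/parse.c:465:17
    #1 0x510220 in handle_token_rbrace /f/indent-2.2.11/src/handletoken.c:1262:9
    #2 0x510220 in handle_the_token /f/indent-2.2.11/src/handletoken.c:2238
"""

ERROR_RE = re.compile(r"^==\d+==ERROR: AddressSanitizer: (?P<kind>[\w-]+) on address", re.M)
ACCESS_RE = re.compile(r"^(?P<op>READ|WRITE) of size (?P<size>\d+)", re.M)
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (?P<func>\S+) (?P<file>[^\s:(]+):(?P<line>\d+)", re.M)

@dataclass
class Triage:
    kind: str   # e.g. heap-buffer-overflow
    op: str     # READ or WRITE
    size: int   # bytes accessed
    func: str   # first frame inside the project tree
    file: str   # path relative to the project root
    line: int

def triage(report: str, root: str = "/f/indent-2.2.11/") -> Triage:
    """Parse one ASan report and locate the first frame under `root`.
    libc/runtime frames are skipped, so two crashes at the same project
    site bucket together even when the toolchain paths differ."""
    kind = ERROR_RE.search(report).group("kind")
    acc = ACCESS_RE.search(report)
    for m in FRAME_RE.finditer(report):
        if m.group("file").startswith(root):
            return Triage(kind, acc.group("op"), int(acc.group("size")),
                          m.group("func"), m.group("file")[len(root):], int(m.group("line")))
    raise ValueError("no frame inside project root")

def bucket_key(t: Triage) -> str:
    """Stable key for de-duplicating crashes from a sanitizer/fuzzing run."""
    return f"{t.kind}:{t.op}{t.size}:{t.file}:{t.line}"
```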
