
Comments (4)

bvdberg commented on August 19, 2024

How did you test this exactly?
I can imagine that static analysers don't understand what's happening... since we're searching in the ELF segment...

from ctest.

chris3k commented on August 19, 2024

Compile sample test with address sanitizer.
$ clang-3.5 -g mytests.c main.c -fsanitize=address && ./a.out 2> broken.asan
$ asan_symbolize-3.5 < broken.asan

=================================================================
==12543==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000006e91f8 at pc 0x0000004bfb30 bp 0x7fff3dc68d10 sp 0x7fff3dc68d08
READ of size 4 at 0x0000006e91f8 thread T0
    #0 0x4bfb2f in ctest_main /home/user/proj/ctest/./ctest.h:409
    #1 0x4c122a in main /home/user/proj/ctest/main.c:10
    #2 0x7f0ff4a34ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
    #3 0x4b9a4c in _start ??:?

0x0000006e91f8 is located 8 bytes to the left of global variable '__ctest_suite_test' defined in './ctest.h:180:8' (0x6e9200) of size 64
0x0000006e91f8 is located 24 bytes to the right of global variable '__ctest_ctest_test_dbl_far' defined in 'mytests.c:182:1' (0x6e91a0) of size 64
SUMMARY: AddressSanitizer: global-buffer-overflow ??:0 ??
Shadow bytes around the buggy address:
  0x0000800d51e0: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 00 00
  0x0000800d51f0: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00
  0x0000800d5200: f9 f9 f9 f9 00 00 00 00 00 00 00 00 f9 f9 f9 f9
  0x0000800d5210: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 00 00
  0x0000800d5220: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00
=>0x0000800d5230: f9 f9 f9 f9 00 00 00 00 00 00 00 00 f9 f9 f9[f9]
  0x0000800d5240: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 00 00
  0x0000800d5250: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0000800d5260: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0000800d5270: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0000800d5280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  ASan internal:           fe
==12543==ABORTING

You can disable address sanitizer instrumentation for int ctest_main(int argc, const char *argv[]) by adding __attribute__((no_address_safety_analysis)). Then, probably, you disable asan instrumentation for the code you test. I think it should be doable in another, proper way, by changing the algorithm for searching the test begin/end range.


bvdberg commented on August 19, 2024

No, that's just the whole point. You don't know the start/end of that segment. Not unless you use a linker script. But the whole point was not using a linker script ;)
I'll look into using the attribute. I can test on Mac OS X and Linux.

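
As an added example (my own code, not ctest's), one way to get the begin/end of the test descriptor range without a linker script, as discussed above: put the descriptors in a section whose name is a valid C identifier and read the bounds from the __start_/__stop_ symbols GNU ld, gold and lld define for such sections. It assumes Linux/ELF; the struct, macro and section names are mine.

```c
#include <stdio.h>

/* Test descriptor; this layout is the example's own, not ctest's. */
struct test_desc {
    const char *suite;
    const char *name;
    void (*run)(int *failures);
};

/* Descriptors go in a section named by a valid C identifier, so GNU ld, gold
 * and lld define __start_<name>/__stop_<name> for it with no linker script
 * (Mach-O has section$start$/section$end$ symbols instead). Walking between
 * those bounds never reads outside the descriptors, whereas probing outward
 * from a known one until a magic field stops matching ends in ASan's global
 * redzone, which is how the read 8 bytes left of __ctest_suite_test above
 * arises. Clang and GCC ASan also leave globals in such sections unpadded by
 * default (GCC: unless -fsanitize-sections= names it); aligned() pins the
 * natural alignment so no over-alignment breaks the stride. */
#define REGISTER_TEST(sname, tname)                                         \
    static void sname##_##tname##_run(int *failures);                        \
    static const struct test_desc sname##_##tname##_desc                     \
        __attribute__((section("ctest_tests"), used,                         \
                       aligned(__alignof__(struct test_desc)))) =            \
        { #sname, #tname, sname##_##tname##_run };                           \
    static void sname##_##tname##_run(int *failures)

extern const struct test_desc __start_ctest_tests[], __stop_ctest_tests[];

#define EXPECT(cond) do { if (!(cond)) (*failures)++; } while (0)

REGISTER_TEST(math, add) { EXPECT(1 + 1 == 2); }
REGISTER_TEST(math, deliberately_wrong) { EXPECT(2 * 2 == 5); }
REGISTER_TEST(str, empty_literal) { EXPECT(sizeof("") == 1); }

/* Number of descriptors the linker placed between the two bound symbols. */
int count_tests(void) {
    return (int)(__stop_ctest_tests - __start_ctest_tests);
}

/* Runs every registered test; returns the total number of failed expectations. */
int run_all_tests(void) {
    int failed = 0;
    for (const struct test_desc *t = __start_ctest_tests; t < __stop_ctest_tests; t++) {
        int failures = 0;
        t->run(&failures);
        printf("%s:%s %s\n", t->suite, t->name, failures ? "FAIL" : "ok");
        failed += failures;
    }
    return failed;
}
```

Building this with -fsanitize=address should produce no global-buffer-overflow report, since the loop never steps past the last descriptor.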

BohuTANG commented on August 19, 2024

Hi,

Master branch is still having this issue from my tests (clang-3.5), man.

