bug-m4

two undefined behaviour occurrences in m4


From: Bruno Haible
Subject: two undefined behaviour occurrences in m4
Date: Sat, 02 Dec 2023 06:41:17 +0100

Hi,

After fixing the Gnulib bug reported at
  <https://lists.gnu.org/archive/html/bug-m4/2023-02/msg00000.html>
I wanted to check whether the newest m4 snapshot passes its tests
with
  CC="clang -fsanitize=address,undefined,signed-integer-overflow,shift,integer-divide-by-zero -fsanitize-address-use-after-scope -fno-sanitize-recover=all"
And it doesn't. There are two problems:

1) In the "make check" run (attached: make-check-1.log), there are many
occurrences of
   path.c:72:23: runtime error: applying non-zero offset 1 to null pointer

This code
  ----------------------------------------
      path_end = strchr (path, ':');
      if (path_end)
        *path_end = '\0';
      add_include_directory (path);
      path = path_end + 1;
  ----------------------------------------
computes a NULL pointer + 1, which is invalid according to ISO C 23 § 6.5.6.(9):
  "... If the pointer operand and the result do not point to elements
   of the same array object or one past the last element of the array object,
   the behavior is undefined..." 

2) After fixing this, in the next "make check" run (attached: make-check-2.log),
there are many occurrences of
  macro.c:388:3: runtime error: addition of unsigned offset to 0x521000008d28 overflowed to 0x521000008d10

The problem here is that the code is adding a pointer value such as
0x521000008d28 with an unsigned offset of 0xffffffffffffffe8, and
this sum overflows. It is invalid according to ISO C 23 § 6.5.6.(9)
  "If the addition or subtraction produces an overflow, the behavior
   is undefined."

Find attached a patch that fixes both issues.

OK to push it?


Attachment: make-check-1.log
Description: Text Data

Attachment: make-check-2.log
Description: Text Data

Attachment: 0001-Fix-two-occurrences-of-undefined-behaviour.patch
Description: Text Data
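As an added illustration (not code from the m4 tree or from this message), here is a constructed C version of the same colon-separated search-path loop, rewritten so that the loop exits before `path_end + 1` is ever formed from a NULL `path_end`; the function names, the `MAX_COMPONENTS` limit and the sample inputs are my own.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_COMPONENTS 16

/* Constructed example, not m4's code.  Split a colon-separated search
   path such as M4PATH into components (an empty one means the current
   directory), keeping the loop shape of the snippet quoted above but
   never forming NULL + 1.  BUF must hold strlen (spec) + 1 bytes; OUT
   receives up to MAX_COMPONENTS pointers into BUF.  Returns the count. */
static size_t split_include_path(const char *spec, char *buf, char **out)
{
    size_t n = 0;
    char *path = strcpy(buf, spec);
    for (;;) {
        char *path_end = strchr(path, ':');
        if (path_end)
            *path_end = '\0';
        if (n < MAX_COMPONENTS)
            out[n] = path;
        n++;
        /* Leave before the arithmetic when there is no next component;
           the original did `path = path_end + 1` even for NULL. */
        if (!path_end)
            break;
        path = path_end + 1;   /* path_end points into buf: valid */
    }
    return n;
}

/* Number of components in SPEC, e.g. 3 for "a:b:" ("a", "b", ""). */
size_t count_include_components(const char *spec)
{
    char *buf = malloc(strlen(spec) + 1), *out[MAX_COMPONENTS];
    size_t n = buf ? split_include_path(spec, buf, out) : 0;
    free(buf);
    return n;
}

/* 1 if component INDEX of SPEC is exactly EXPECTED, else 0. */
int include_component_equals(const char *spec, size_t index, const char *expected)
{
    char *buf = malloc(strlen(spec) + 1), *out[MAX_COMPONENTS];
    int ok = buf && index < MAX_COMPONENTS
             && index < split_include_path(spec, buf, out)
             && strcmp(out[index], expected) == 0;
    free(buf);
    return ok;
}
```

Built with the sanitizer flags above, this version runs clean where the original loop reports the "applying non-zero offset 1 to null pointer" error on the final iteration.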
