[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: global-buffer-overflow in infocmp
From: |
Thomas Dickey |
Subject: |
Re: global-buffer-overflow in infocmp |
Date: |
Wed, 8 Jul 2020 04:01:44 -0400 |
User-agent: |
NeoMutt/20170113 (1.7.2) |
On Wed, Jul 08, 2020 at 11:41:32AM +0800, Zhang Gen wrote:
> > -----Original Messages-----
> > From: "Thomas Dickey" <dickey@his.com>
> > Sent Time: 2020-07-08 04:19:09 (Wednesday)
> > To: "Zhang Gen" <zhanggen@nudt.edu.cn>
> > Cc: dickey@his.com, bug-ncurses@gnu.org
> > Subject: Re: global-buffer-overflow in infocmp
> >
> > On Tue, Jul 07, 2020 at 08:02:54PM +0800, Zhang Gen wrote:
> > > > -----Original Messages-----
> > > > From: "Thomas Dickey" <dickey@his.com>
> > > > Sent Time: 2020-07-07 15:55:39 (Tuesday)
> > > > To: "Zhang Gen" <zhanggen@nudt.edu.cn>
> > > > Cc: bug-ncurses@gnu.org
> > > > Subject: Re: global-buffer-overflow in infocmp
> > > >
> > > > On Tue, Jul 07, 2020 at 03:30:10PM +0800, Zhang Gen wrote:
> > > > > # Summary
> > > > > ```
> > > > > =================================================================
> > > > > ==5462==ERROR: AddressSanitizer: global-buffer-overflow on address
> > > > > 0x00000057af47 at pc 0x000000460e86 bp 0x7ffd205f2c00 sp
> > > > > 0x7ffd205f23b0
> > > >
> > > > This doesn't tell me much.
> > > >
> > > > It lacks the necessary information to reproduce the problem:
> > > >
> > > > a) which version (and patch-date)
> > > Version: ftp://ftp.invisible-island.net/ncurses/ncurses-6.2.tar.gz
> > > Patch: 2020-2-12
> >
> > Development sources are in
> >
> > ftp://ftp.invisible-island.net/ncurses/current/
> >
> > At the moment, the current source is
> >
> > ftp://ftp.invisible-island.net/ncurses/current/ncurses-6.2-20200704.tgz
> >
> > > > b) how ncurses was built (configure-script options)
> > > CC=clang CXX=clang++ ../configure --prefix=`pwd`/mybin CFLAGS="-g -O0
> > > -fsanitize=address" CXXFLAGS="-g -O0 -fsanitize=address"
> >
> > hmm - whether clang works with static linking and sanitize depends upon
> > the platform (it doesn't work with Debian 9). In most cases, the choice
> > of compiler doesn't matter much. It doesn't in this one.
> >
> > > > c) line-numbers for source code
> > > infocmp+0x460c85
> >
> > 0x460c85 is not a line-number (you'd use "-g" option when compiling/linking)
>
> I got several more bugs when testing, but I still have problem in getting
> the line number.
> You mean adding "-g" in the ./configure options? I did so but fail to get
> the line.
> Interestinglly, I succeeded in other programs I tested...
> Could you please show me how to do it in ncurses?
> Best,
> Gen
this does what you intended:
#!/bin/sh
rm -rf build
mkdir build
cd build
clean-ncurses
CC=clang \
CXX=clang++ \
../configure \
--with-valgrind \
--prefix=`pwd`/mybin \
CFLAGS="-g -O0 -fsanitize=address" CXXFLAGS="-g -O0 -fsanitize=address"
in INSTALL:
--with-valgrind
For testing, compile with debug option.
This also sets the --disable-leaks option.
(if you're reporting bugs with memory leaks, you'll have to use the
--disable leaks option)
--
Thomas E. Dickey <dickey@invisible-island.net>
https://invisible-island.net
ftp://ftp.invisible-island.net
signature.asc
Description: PGP signature
- global-buffer-overflow in infocmp, Zhang Gen, 2020/07/07
- Re: global-buffer-overflow in infocmp, Thomas Dickey, 2020/07/07
- Re: Re: global-buffer-overflow in infocmp, Zhang Gen, 2020/07/07
- Re: global-buffer-overflow in infocmp, Thomas Dickey, 2020/07/07
- Re: Re: global-buffer-overflow in infocmp, Zhang Gen, 2020/07/07
- Re: Re: global-buffer-overflow in infocmp, Zhang Gen, 2020/07/07
- Re: global-buffer-overflow in infocmp,
Thomas Dickey <=
- Re: Re: global-buffer-overflow in infocmp, Zhang Gen, 2020/07/08
- stack-buffer-overflow in progs/dump_entry.c:1144 in fmt_entry, Zhang Gen, 2020/07/08
- Re: stack-buffer-overflow in progs/dump_entry.c:1144 in fmt_entry, Thomas Dickey, 2020/07/08