[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: nucobol-3.1-rc1 and Asan findings
From: |
Jeffrey Walton |
Subject: |
Re: nucobol-3.1-rc1 and Asan findings |
Date: |
Tue, 14 Jul 2020 06:10:57 -0400 |
On Mon, Jul 13, 2020 at 7:57 PM Jeffrey Walton <noloader@gmail.com> wrote:
>
> Hi Everyone,
>
> Here's the result of a 'make check' when using '-fsanitize=address'.
> It looks like there are a few new failures.
>
> This is a good result. I usually see a lot more Asan findings. The 577
> test result looks important. It is a use-after-free.
And the 766 test is also a heap-based buffer overflow.
$ cat gnucobol-3.1-rc1/tests/testsuite.dir/0766/testsuite.log
# -*- compilation -*-
766. run_file.at:7719: testing INDEXED File READ/DELETE/READ ...
./run_file.at:8396: $COBC -x -std=mf -w prog.cob
./run_file.at:8398: $COBCRUN_DIRECT ./prog
--- /dev/null 2020-07-10 09:37:43.139999945 -0400
+++
/home/jwalton/Build-Scripts/gnucobol-3.1-rc1/tests/testsuite.dir/at-groups/766/stderr
2020-07-14 06:03:52.370640624 -0400
@@ -0,0 +1,47 @@
+=================================================================
+==1355==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60200000254c at pc 0x7f29cf524733 bp 0x7ffee9768ba0 sp
0x7ffee9768348
+READ of size 8 at 0x60200000254c thread T0
+ #0 0x7f29cf524732 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x79732)
+ #1 0x7f29cf2050b3 in bdb_savekey
/home/jwalton/Build-Scripts/gnucobol-3.1-rc1/libcob/fileio.c:750
+ #2 0x7f29cf2050b3 in indexed_delete_internal
/home/jwalton/Build-Scripts/gnucobol-3.1-rc1/libcob/fileio.c:3074
+ #3 0x7f29cf214c00 in cob_delete
/home/jwalton/Build-Scripts/gnucobol-3.1-rc1/libcob/fileio.c:5569
+ #4 0x563c412508ca in prog_ /home/jwalton/tmp/cob1324_0.c:457
+ #5 0x563c4124df70 in prog /home/jwalton/tmp/cob1324_0.c:46
+ #6 0x563c4124df54 in main /home/jwalton/tmp/cob1324_0.c:34
+ #7 0x7f29cedcab96 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
+ #8 0x563c4124de49 in _start
(/home/jwalton/Build-Scripts/gnucobol-3.1-rc1/tests/testsuite.dir/0766/prog+0x7e49)
+
+Address 0x60200000254c is a wild pointer.
+SUMMARY: AddressSanitizer: heap-buffer-overflow
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0x79732)
+Shadow bytes around the buggy address:
+ 0x0c047fff8450: fa fa 00 02 fa fa fd fd fa fa fd fd fa fa fd fd
+ 0x0c047fff8460: fa fa 00 01 fa fa 00 00 fa fa 00 01 fa fa 00 04
+ 0x0c047fff8470: fa fa 00 04 fa fa fd fd fa fa 00 02 fa fa 00 00
+ 0x0c047fff8480: fa fa 00 00 fa fa 00 fa fa fa 00 fa fa fa 00 fa
+ 0x0c047fff8490: fa fa 00 02 fa fa 00 04 fa fa fa fa fa fa fa fa
+=>0x0c047fff84a0: fa fa fa fa fa fa fa fa fa[fa]fa fa fa fa fa fa
+ 0x0c047fff84b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c047fff84c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c047fff84d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c047fff84e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c047fff84f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+Shadow byte legend (one shadow byte represents 8 application bytes):
+ Addressable: 00
+ Partially addressable: 01 02 03 04 05 06 07
+ Heap left redzone: fa
+ Freed heap region: fd
+ Stack left redzone: f1
+ Stack mid redzone: f2
+ Stack right redzone: f3
+ Stack after return: f5
+ Stack use after scope: f8
+ Global redzone: f9
+ Global init order: f6
+ Poisoned by user: f7
+ Container overflow: fc
+ Array cookie: ac
+ Intra object redzone: bb
+ ASan internal: fe
+ Left alloca redzone: ca
+ Right alloca redzone: cb
+==1355==ABORTING
--- - 2020-07-14 06:03:52.375329557 -0400
+++
/home/jwalton/Build-Scripts/gnucobol-3.1-rc1/tests/testsuite.dir/at-groups/766/stdout
2020-07-14 06:03:52.370640624 -0400
@@ -37,77 +37,4 @@
Ph=8787458374 Key: OLD00000 is OLD TYME PIZZA MFG. CO. .
Hit End of File
Test Read/Delete
- Delete: INC00000 random
- Delete: ALP00000 random
- Read: BET00000 4169898509
- Delete: PRE00000 random
-Expected 10 after delete PRE00000
-Initial: BET00000 4169898509
-Initial: DEL00000 4169898509
-Initial: MOR00000 4169898509
-Initial: EPS00000 5292398745
- Start: BET00000 4169898509
- Next: DEL00000 4169898509
- Delete: DEL00000 sequential
- Next: MOR00000 4169898509
- Next: EPS00000 5292398745
- Delete: EPS00000 sequential
-List sample data file by Phone
-Ph=4169898509 Key: BET00000 is BETA SHOE MFG. INC. .
-Ph=4169898509 Key: MOR00000 is MORNINGSIDE CARPENTRY. .
-Ph=6456445643 Key: GIB00000 is GIBRALTER LIFE INSURANCE .
-Ph=6456445643 Key: JOH00000 is JOHNSON BOATING SUPPLIES .
-Ph=6546456333 Key: H&J00000 is H & J PLUMBING SUPPLIES .
-Ph=6554456433 Key: LEW00000 is LEWISTON GRAPHICS LTD. .
-Ph=7456434355 Key: KON00000 is KONFLAB PLASTIC PRODUCTS..
-Ph=7534587453 Key: NEW00000 is NEW WAVE SURF SHOPS INC. .
-Ph=8009329492 Key: FOR00000 is FORTUNE COOKIE COMPANY .
-Ph=8372487274 Key: GAM00000 is GAMMA X-RAY TECHNOLOGY .
-Ph=8787458374 Key: OLD00000 is OLD TYME PIZZA MFG. CO. .
-Hit End of File
-List sample data file by Phone
-Ph=3131234432 Key: ALP00000 is ALPHA ELECTRICAL CO. LTD..
-Ph=3455445444 Key: INC00000 is INCREMENTAL BACKUP CORP. .
-Ph=4169898509 Key: BET00000 is BETA SHOE MFG. INC. .
-Ph=4169898509 Key: DEL00000 is DELTA LUGGAGE REPAIRS .
-Ph=4169898509 Key: MOR00000 is MORNINGSIDE CARPENTRY. .
-Ph=4169898509 Key: PRE00000 is PRESTIGE OFFICE FURNITURE.
-Ph=5292398745 Key: EPS00000 is EPSILON EQUIPMENT SUPPLY .
-Ph=6456445643 Key: GIB00000 is GIBRALTER LIFE INSURANCE .
-Ph=6456445643 Key: JOH00000 is JOHNSON BOATING SUPPLIES .
-Ph=6546456333 Key: H&J00000 is H & J PLUMBING SUPPLIES .
-Ph=6554456433 Key: LEW00000 is LEWISTON GRAPHICS LTD. .
-Ph=7456434355 Key: KON00000 is KONFLAB PLASTIC PRODUCTS..
-Ph=7534587453 Key: NEW00000 is NEW WAVE SURF SHOPS INC. .
-Ph=8009329492 Key: FOR00000 is FORTUNE COOKIE COMPANY .
-Ph=8372487274 Key: GAM00000 is GAMMA X-RAY TECHNOLOGY .
-Ph=8787458374 Key: OLD00000 is OLD TYME PIZZA MFG. CO. .
-Hit End of File
-Read Prev/Delete
-00000001 Initial: PRE00000 4169898509
-00000002 Initial: MOR00000 4169898509
-00000003 Initial: DEL00000 4169898509
-00000004 Initial: BET00000 4169898509
- Start: PRE00000 4169898509
- Prev: MOR00000 4169898509
- Delete: MOR00000 sequential
- Prev: DEL00000 4169898509
- Prev: BET00000 4169898509
- Delete: BET00000 sequential
-List sample data file by Phone
-Ph=3131234432 Key: ALP00000 is ALPHA ELECTRICAL CO. LTD..
-Ph=3455445444 Key: INC00000 is INCREMENTAL BACKUP CORP. .
-Ph=4169898509 Key: DEL00000 is DELTA LUGGAGE REPAIRS .
-Ph=4169898509 Key: PRE00000 is PRESTIGE OFFICE FURNITURE.
-Ph=5292398745 Key: EPS00000 is EPSILON EQUIPMENT SUPPLY .
-Ph=6456445643 Key: GIB00000 is GIBRALTER LIFE INSURANCE .
-Ph=6456445643 Key: JOH00000 is JOHNSON BOATING SUPPLIES .
-Ph=6546456333 Key: H&J00000 is H & J PLUMBING SUPPLIES .
-Ph=6554456433 Key: LEW00000 is LEWISTON GRAPHICS LTD. .
-Ph=7456434355 Key: KON00000 is KONFLAB PLASTIC PRODUCTS..
-Ph=7534587453 Key: NEW00000 is NEW WAVE SURF SHOPS INC. .
-Ph=8009329492 Key: FOR00000 is FORTUNE COOKIE COMPANY .
-Ph=8372487274 Key: GAM00000 is GAMMA X-RAY TECHNOLOGY .
-Ph=8787458374 Key: OLD00000 is OLD TYME PIZZA MFG. CO. .
-Hit End of File
./run_file.at:8398: exit code was 1, expected 0
766. run_file.at:7719: 766. INDEXED File READ/DELETE/READ
(run_file.at:7719): FAILED (run_file.at:8398)