What I have done.
Test1
#include <stdio.h>

int test[16];

int main()
{
    test[17] = -1;
}
/tmp $ gcc ./main.c -o main -fsanitize=address
/tmp $ ./main
/tmp $
Test2
#include <stdio.h>

int test[16] = {1};

int main()
{
    test[17] = -1;
}
/tmp $ gcc ./main.c -o main -fsanitize=address
/tmp $ ./main
=================================================================
==19776==ERROR: AddressSanitizer: global-buffer-overflow on address
...
Looks like global buffer overflow detection is not working for global variables which are placed in bss (is it so?). What are the reasons behind this?
Update:
The code which does the store is not optimized out. System information:
$ gcc --version
gcc (Ubuntu 7.2.0-8ubuntu3.2) 7.2.0
Copyright (C) 2017 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
This is in the FAQ:
Q: Why didn't ASan report an obviously invalid memory access in my code?
A1: If your error is too obvious, the compiler might have already optimized it out by the time Asan runs.
A2: Another, C-only option is accesses to global common symbols which are not protected by Asan (you can use -fno-common to disable generation of common symbols and hopefully detect more bugs).
Your case is probably covered by A2, so adding -fno-common should help.
The issue with common symbols (which are generated for zero-initialized global variables by default) is that, due to their weird legacy semantics, Asan cannot insert redzones for them (see GCC #55739 for gory details). By supplying -fno-common you disable generation of commons and instead ask GCC to generate normal global symbols in all cases (this has a small chance of breaking ill-written programs that rely on common symbols behavior but usually it's not an issue).
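A build check that follows from the answer above, as an added example that is not part of the original post: it scans `nm` output of unlinked object files for common symbols (type `C`), the globals the answer says ASan leaves without redzones. The function names are hypothetical and the two `nm` listings are constructed samples for the question's Test1.

```shell
#!/bin/sh
# Added example: find globals emitted as common symbols, which nm marks 'C'.

# Filter `nm` output on stdin; print one common-symbol name per line.
# The type letter is the second-to-last field (undefined symbols have no
# address column), and "file.o:" header lines have a single field.
common_symbols() {
    awk 'NF >= 2 && $(NF-1) == "C" { print $NF }'
}

# Gate for an ASan build. Usage: nm main.o other.o | asan_common_gate
# Feed it object files, not the linked binary: the linker allocates
# commons in .bss, where nm reports them as 'B'.
asan_common_gate() {
    found=$(common_symbols)
    [ -z "$found" ] && return 0
    # $found is left unquoted on purpose: one message per symbol name.
    printf 'common symbol, no ASan redzone: %s\n' $found >&2
    return 1
}

# Constructed nm listing: Test1 (int test[16];) compiled with -fcommon.
sample_fcommon() {
    cat <<'EOF'
main.o:
                 U __asan_init
0000000000000000 T main
0000000000000040 C test
EOF
}

# Constructed nm listing: the same file compiled with -fno-common.
sample_fno_common() {
    cat <<'EOF'
main.o:
                 U __asan_init
0000000000000000 T main
0000000000000000 B test
EOF
}

# Stand-alone demo: prints "test", the array from the question.
sample_fcommon | common_symbols
```

GCC 7, as used in the question, defaults to -fcommon for C, so an ASan job built without -fno-common can run this gate on its objects to list the globals that will not be checked.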