This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.
On Wed, 24 Jun 2015 10:14:04 +0200 Mark Wielaard <mjw@redhat.com> wrote:
> I am very interested in the results of the gcc sanitizers, valgrind,
> fuzzers, etc. It really helped make elfutils much more robust. For
> 0.163 all known crashers were fixed. So if you are still able to
> crash elfutils libraries or tools, please do report.
>
> But in this case as far as I know these kinds of malloc argument checks
> are indeed just noise. We do check the results of malloc everywhere
> (or should at least). I might be wrong of course, or miss something
> subtle. So please do let me know if you think it is something to fix
> differently from how we handle it currently.

Ok, I am aware that these things are debatable.

One reason you might want to fix such issues is that they could be used to cause memory exhaustion. E.g. you have a server that processes files and you send them specially crafted small files that will use up a lot of memory, but not so much that malloc fails. Therefore imho it makes sense to add some sanity checks. Parsers should never accept any field sizes that are larger than the file itself. This is probably not so much an issue in self-contained tools like elfutils.

Honestly the biggest reason I report these is that asan complains about them and it makes fuzzing easier if they get fixed. But it's up to you. (Most other apps where I reported similar things fixed them.)

--
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42
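The sanity check Hanno describes (reject any size field larger than the file that carries it, before the value ever reaches malloc) is easy to show on a toy format. The following is an added example written for this archive page; it is not elfutils code and does not reflect how elfutils performs its own bounds checks. The four-byte length-prefixed format, the `parse_payload`/`check_file` functions and the sample buffers are all constructed for illustration.

```c
/* Added example (not elfutils code): bound an untrusted size field
   against the file's own length before allocating for it. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical toy format: 4-byte little-endian payload length, then payload. */
#define HDR_LEN 4

/* Result codes returned by parse_payload. */
enum parse_result {
    PARSE_OK = 0,
    PARSE_TRUNCATED = 1,   /* file shorter than the fixed header */
    PARSE_BAD_SIZE = 2,    /* declared length exceeds the bytes present */
    PARSE_OOM = 3          /* malloc itself failed */
};

static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8)
         | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Copy the declared payload into a freshly allocated buffer.
   The declared length is compared with the bytes actually present
   *before* malloc is called, so a crafted header cannot turn a
   7-byte input into a multi-gigabyte allocation request. */
enum parse_result parse_payload(const unsigned char *file, size_t file_len,
                                unsigned char **out, size_t *out_len)
{
    *out = NULL;
    *out_len = 0;
    if (file_len < HDR_LEN)
        return PARSE_TRUNCATED;

    uint32_t declared = read_le32(file);

    /* The field size can never legitimately exceed the remaining file. */
    if ((size_t)declared > file_len - HDR_LEN)
        return PARSE_BAD_SIZE;

    unsigned char *buf = malloc(declared ? declared : 1);
    if (buf == NULL)
        return PARSE_OOM;
    memcpy(buf, file + HDR_LEN, declared);
    *out = buf;
    *out_len = declared;
    return PARSE_OK;
}

/* Convenience wrapper: parse, free the result, report only the code. */
enum parse_result check_file(const unsigned char *file, size_t file_len)
{
    unsigned char *buf;
    size_t n;
    enum parse_result r = parse_payload(file, file_len, &buf, &n);
    free(buf);
    return r;
}

/* Constructed sample inputs. */
static const unsigned char good_file[] = { 0x03, 0x00, 0x00, 0x00, 'a', 'b', 'c' };
/* Header claims about 4 GiB of payload, but the whole file is 7 bytes. */
static const unsigned char crafted_file[] = { 0xff, 0xff, 0xff, 0xff, 'a', 'b', 'c' };

int main(void)
{
    printf("good file:    result %d\n", check_file(good_file, sizeof good_file));
    printf("crafted file: result %d\n", check_file(crafted_file, sizeof crafted_file));
    return 0;
}
```

With the check in place the crafted header is rejected as `PARSE_BAD_SIZE` and no allocation is attempted; without it, the same input would hand a 0xffffffff-byte request to malloc, which is exactly the allocation-size complaint ASan raises and the memory-pressure scenario described above.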