This is the mail archive of the mailing list for the elfutils project.
Re: [PATCH] Do without union of variable length arrays.
- From: Alexander Cherepanov <ch3root at openwall dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Mon, 26 Oct 2015 23:00:10 +0300
- Subject: Re: [PATCH] Do without union of variable length arrays.
On 2015-10-07 18:23, Mark Wielaard wrote:
> On Wed, 2015-10-07 at 02:24 +0300, Alexander Cherepanov wrote:
>> On 2015-10-05 21:45, Mark Wielaard wrote:
>>> On Fri, Oct 02, 2015 at 12:10:47AM +0300, Alexander Cherepanov wrote:
>>>> Given that the current approach (before the patch) already required to write
>>>> superfluous "->" perhaps an approach requiring a superfluous "*" will fit?
>>>> Like this:
>>>> void *data = malloc (...);
>>>> T32 (*a32)[n] = data;
>>>> T64 (*a64)[n] = data;
>>>> Then the use looks like "(*a32)[i].member". Clang seems to be happy and its
>>>> UBSAN works fine.
>>> If that works that would probably be preferred since then ubsan can see
>>> the array bounds and help catch issues.
>> I believe it was not working in gcc 4.9. It works in newer gcc?
> I am currently using gcc 5.1 where it definitely works.
> -fsanitize=undefined finds array accesses outside variable arrays just
> fine. It didn't work with gcc 4.8 though. I thought it also worked with
> 4.9, but haven't checked.
Ok, thanks. Indeed, a fresh gcc (and clang) is worth switching to.
>>> You can build and run elfutils
>>> and the tests with configure --enable-sanitize-undefined to use ubsan
> I am using it together with the afl fuzzer for finding issues.
> And it found some nasty ones.
Glad to hear it. Are you keeping the found samples? It would be nice to
have them publicly available as a base for fuzzing other projects too.
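The pointer-to-VLA idiom the thread settles on, as an added example that is not code from the thread or from elfutils: T32 and T64 are constructed stand-ins for the 32-/64-bit record types, and the checked accessor is an assumed addition for builds without ubsan.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

typedef struct { uint32_t member; } T32;  /* constructed 32-bit record */
typedef struct { uint64_t member; } T64;  /* constructed 64-bit record */

/* Sum .member over n records in one buffer, viewed through a pointer to a
   VLA so the bound n stays visible to ubsan (gcc >= 5, clang). */
uint64_t sum_members (const void *data, size_t n, bool is64)
{
  uint64_t sum = 0;
  if (is64)
    {
      const T64 (*a64)[n] = data;       /* (*a64)[i] is the i-th T64 */
      for (size_t i = 0; i < n; i++)
        sum += (*a64)[i].member;
    }
  else
    {
      const T32 (*a32)[n] = data;
      for (size_t i = 0; i < n; i++)
        sum += (*a32)[i].member;
    }
  return sum;
}

/* Checked read of one 32-bit record: refuse i >= n instead of relying on
   the sanitizer, which is absent in production builds (assumed helper). */
bool get_member32 (const void *data, size_t n, size_t i, uint32_t *out)
{
  if (i >= n)
    return false;
  const T32 (*a32)[n] = data;
  *out = (*a32)[i].member;
  return true;
}

/* Constructed sample: n records with member = i + 1.  Returns their sum,
   or 0 if a read one past the end is (wrongly) accepted. */
uint64_t demo_sum32 (size_t n)
{
  T32 (*a32)[n] = malloc (sizeof *a32);  /* n * sizeof (T32) bytes */
  if (a32 == NULL)
    return 0;
  for (size_t i = 0; i < n; i++)
    (*a32)[i].member = (uint32_t) (i + 1);
  uint32_t v;
  uint64_t sum = sum_members (a32, n, false);
  if (get_member32 (a32, n, n, &v))      /* index n must be refused */
    sum = 0;
  free (a32);
  return sum;
}
```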