This is the mail archive of the mailing list for the elfutils project.


Re: [PATCH] Do without union of variable length arrays.

On 2015-10-07 18:23, Mark Wielaard wrote:
> On Wed, 2015-10-07 at 02:24 +0300, Alexander Cherepanov wrote:
>> On 2015-10-05 21:45, Mark Wielaard wrote:
>>> On Fri, Oct 02, 2015 at 12:10:47AM +0300, Alexander Cherepanov wrote:
>>>> Given that the current approach (before the patch) already required writing a
>>>> superfluous "->", perhaps an approach requiring a superfluous "*" will fit?
>>>> Like this:
>>>>     void *data = malloc (...);
>>>>     T32 (*a32)[n] = data;
>>>>     T64 (*a64)[n] = data;
>>>> Then the use looks like "(*a32)[i].member". Clang seems to be happy and its
>>>> UBSAN works fine.
>>> If that works that would probably be preferred since then ubsan can see
>>> the array bounds and help catch issues.
>> I believe it was not working in gcc 4.9. It works in newer gcc?
> I am currently using gcc 5.1 where it definitely works.
> -fsanitize=undefined finds array accesses outside variable arrays just
> fine. It didn't work with gcc 4.8 though. I thought it also worked with
> 4.9, but haven't checked.

Ok, thanks. Indeed, a fresh gcc (and clang) is worth switching to.

>>> You can build and run elfutils
>>> and the tests with configure --enable-sanitize-undefined to use ubsan
>>> checking.
>> Nice.
> I am using it together with the afl fuzzer for finding issues.
> And it found some nasty ones.

Glad to hear it. Are you keeping the found samples? It would be nice to
have them publicly available as a base for fuzzing other projects too.

Alexander Cherepanov
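As an added example (not code from this thread or from elfutils), here is the pointer-to-VLA idiom Alexander describes above, viewing one malloc'd buffer as either n 32-bit or n 64-bit records; the T32/T64 layouts and the function names are assumptions. Built with gcc 5.1+ or clang and -fsanitize=undefined, an index outside [0, n) through (*a32)[i] or (*a64)[i] is reported, because the pointer-to-VLA type carries the bound that a plain pointer hides.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical 32-bit and 64-bit record layouts standing in for the T32/T64
   types of the thread (an assumption, not elfutils' own types). */
typedef struct { uint32_t value; uint32_t size; } T32;
typedef struct { uint64_t value; uint64_t size; } T64;

/* View DATA as n records of the layout selected by IS64 and sum their .size
   members.  The pointer-to-VLA types carry the bound n, so -fsanitize=undefined
   can check (*a32)[i] / (*a64)[i] against it; a plain T32 * or void * hides it. */
uint64_t sum_sizes (void *data, size_t n, int is64)
{
  uint64_t total = 0;
  if (n == 0)              /* a VLA of size 0 is undefined (ubsan: vla-bound) */
    return 0;
  if (is64) {
    T64 (*a64)[n] = data;  /* sizeof *a64 == n * sizeof (T64), at run time */
    for (size_t i = 0; i < n; i++)
      total += (*a64)[i].size;
  } else {
    T32 (*a32)[n] = data;
    for (size_t i = 0; i < n; i++)
      total += (*a32)[i].size;
  }
  return total;
}

/* Constructed input: allocate one buffer of n records, set record i's size to
   i + 1 through the same idiom, and return the sum, i.e. n * (n + 1) / 2. */
uint64_t demo (size_t n, int is64)
{
  void *data = n == 0 ? NULL : calloc (n, is64 ? sizeof (T64) : sizeof (T32));
  if (data == NULL)
    return 0;
  if (is64) {
    T64 (*a64)[n] = data;
    for (size_t i = 0; i < n; i++)
      (*a64)[i].size = i + 1;
  } else {
    T32 (*a32)[n] = data;
    for (size_t i = 0; i < n; i++)
      (*a32)[i].size = (uint32_t) (i + 1);
  }
  uint64_t total = sum_sizes (data, n, is64);
  free (data);
  return total;
}
```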
