On Tue, 2021-10-05 at 09:00 -0600, Jeff Law wrote:
> 
> 
> On 10/4/2021 10:52 AM, Luís Ferreira wrote:
> > On Thu, 2021-09-23 at 09:50 -0600, Jeff Law wrote:
> > > 
> > > On 9/23/2021 4:16 AM, ibuclaw--- via Gcc-patches wrote:
> > > > > On 22/09/2021 03:10 Luís Ferreira <cont...@lsferreira.net>
> > > > > wrote:
> > > > > 
> > > > >    
> > > > > Currently a stack/heap overflow may happen if a crafted
> > > > > mangle is
> > > > > maliciously used to cause denial of service, such as
> > > > > intentional
> > > > > crashes
> > > > > by accessing a reserved memory space.
> > > > > 
> > > > Hi,
> > > > 
> > > > Thanks for this.  Is there a test that could trigger this code
> > > > path?
> > > I don't think Luis has commit privs, so I went ahead and
> > > committed
> > > this
> > > patch.
> > > 
> > > Yea, a testcase would be great.
> > > 
> > > Jeff
> > > 
> > Does the test suite runned against address sanitization? if yes, I
> > can
> > submit a patch to make this fail, otherwise it is hard to trigger a
> > consistent crash for this issue.
> Unfortunately, no it doesn't run with sanitization.  If it's too
> painful 
> to create a test, don't worry about it.  It happens from time to
> time.
> 
> jeff

I would like to add address sanitization if I knew how GCC autotools
work but I think this is a better fit when I invest some time
implementing something to OSS fuzz and build some infrastructure for
fuzzing parts of the GCC.

-- 
Sincerely,
Luís Ferreira @ lsferreira.net

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to