On Tue, Oct 5, 2021 at 1:28 PM Luís Ferreira <cont...@lsferreira.net> wrote:
>
> On Tue, 2021-10-05 at 09:00 -0600, Jeff Law wrote:
> >
> > On 10/4/2021 10:52 AM, Luís Ferreira wrote:
> > > On Thu, 2021-09-23 at 09:50 -0600, Jeff Law wrote:
> > > >
> > > > On 9/23/2021 4:16 AM, ibuclaw--- via Gcc-patches wrote:
> > > > > > On 22/09/2021 03:10 Luís Ferreira <cont...@lsferreira.net> wrote:
> > > > > >
> > > > > > Currently a stack/heap overflow may happen if a crafted mangle is
> > > > > > maliciously used to cause denial of service, such as intentional
> > > > > > crashes by accessing a reserved memory space.
> > > > > >
> > > > > Hi,
> > > > >
> > > > > Thanks for this. Is there a test that could trigger this code path?
> > > >
> > > > I don't think Luis has commit privs, so I went ahead and committed
> > > > this patch.
> > > >
> > > > Yea, a testcase would be great.
> > > >
> > > > Jeff
> > > >
> > > Does the test suite run against address sanitization? If yes, I can
> > > submit a patch to make this fail; otherwise it is hard to trigger a
> > > consistent crash for this issue.
> >
> > Unfortunately, no, it doesn't run with sanitization. If it's too painful
> > to create a test, don't worry about it. It happens from time to time.
> >
> > jeff
>
> I would like to add address sanitization if I knew how GCC autotools
> work, but I think this is a better fit for when I invest some time
> implementing something for OSS-Fuzz and build some infrastructure for
> fuzzing parts of GCC.
>

I can help with the autotools part if you can say how precisely you'd like to use them to add address sanitization. And as for the OSS-Fuzz part, I think someone tried setting up auto-fuzzing for it once, but the main bottleneck was getting the bug reports that it generated properly triaged, so if you could make sure the bug-submitting portion of the process is properly streamlined, that'd probably go a long way towards helping it be useful.

> --
> Sincerely,
> Luís Ferreira @ lsferreira.net