| 20160924 |
ago | Robin_Watts: around? | 16:12.04 |
Robin_Watts | aye. | 16:12.29 |
ago | Robin_Watts: hello, I sent a mail to sebras about the fix on mujstest which I'm not convinced at all about... can I forward it to you if you have a minute to check? | 16:13.17 |
Robin_Watts | Sure. | 16:13.41 |
ago | Robin_Watts: sent | 16:15.43 |
Robin_Watts | ago: Ah, right. | 16:22.38 |
| I am not familiar with the issues involved. | 16:22.56 |
ago | what do you mean exactly? | 16:23.17 |
Robin_Watts | I do know that clang/gcc have some cunning checking for strcpy etc | 16:23.19 |
| but I also know that it can be confused by standard C idioms. | 16:23.37 |
| For example, if you have something like: struct counted_string { int length; char string[1]; }; | 16:24.17 |
| and if you do: int len = strlen(string); struct counted_string *cs = malloc(sizeof(*cs) + strlen(string)); cs->length = len; strcpy(&cs->string[0], string); | 16:25.45 |
| then that's entirely valid. | 16:25.49 |
ago | Robin_Watts: so you think it is right to revert the changes on bugzilla? | 16:26.03 |
Robin_Watts | The strcpy overrun stuff in gcc and clang gets confused by that kind of stuff. | 16:26.29 |
ago | mhm.. | 16:26.51 |
katu | Robin_Watts: even for char[0] ? | 16:27.19 |
Robin_Watts | katu, no, it copes for the 0th char, but then thinks every successive char is an overwrite. | 16:29.03 |
| ago: So bug 692020 avoids ever doing the strcpy, cos the filename is never used. | 16:29.29 |
| So that's clearly safe. | 16:29.32 |
katu | bug 692020 of what? | 16:30.19 |
| that number is suspiciously high for gcc | 16:30.57 |
Robin_Watts | bug 697020, sorry. Of MuPDF. On bugs.ghostscript.com | 16:31.24 |
| ago: If the files still fail for you in address sanitiser, please attach new logs to the bugs and reopen them. | 16:31.53 |
| If you have different files that fail, please open new bugs. | 16:32.05 |
katu | Robin_Watts: 697020 seems to be triggered because #define LONGLINE 4096 | 16:36.32 |
| i.e. it has nothing to do with aliasing in strcpy, it's just a plain buf ovf | 16:36.49 |
| granted, the buffer sizes are pretty convoluted, so even if buffer sizes are fixed, asan is likely to trip on this | 16:37.15 |
| *the relations of buffer sizes | 16:37.29 |
| as for asan tripping on the char[1] idiom, never encountered this (unless you flagrantly violate the const qualifier somewhere) | 16:38.32 |
Robin_Watts | I didn't say it was asan, necessarily. But I've certainly hit it with at least one of gcc or clang in debug builds on linux. Without violating const. | 16:45.08 |
ago | Robin_Watts: I just meant that the concept of duplicate is different | 17:20.25 |
| this is a different issue addressed by the same commit | 17:20.39 |
| Robin_Watts: anyway, a bit OT, if I compile with address sanitizer, the build fails because of -Wl,--no-undefined, could you remove it when address sanitizer is enabled? | 17:22.30 |
| do I need to open a bug as a reminder, if that's fine? | 17:22.40 |
Robin_Watts | ago: open a bug please. Thanks. | 18:21.51 |