[Bug objc/85476] New: ASAN error in finish_class ../../gcc/objc/objc-act.c:8006

marxin at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Fri Apr 20 07:47:00 GMT 2018


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85476

            Bug ID: 85476
           Summary: ASAN error in finish_class
                    ../../gcc/objc/objc-act.c:8006
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: objc
          Assignee: unassigned at gcc dot gnu.org
          Reporter: marxin at gcc dot gnu.org
  Target Milestone: ---

$ ./xgcc -B. /home/mliska/Programming/gcc/gcc/testsuite/objc.dg/class-extension-3.m -I../../libobjc/
=================================================================
==1431542==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffddc1c45e9 at pc 0x00000064ae04 bp 0x7ffddc1c45b0 sp 0x7ffddc1c3d60
WRITE of size 10 at 0x7ffddc1c45e9 thread T0
    #0 0x64ae03 in __interceptor_strcpy ../../../../libsanitizer/asan/asan_interceptors.cc:391
    #1 0x74629f in finish_class ../../gcc/objc/objc-act.c:8006
    #2 0x74805f in objc_finish_interface() ../../gcc/objc/objc-act.c:648
    #3 0x8d028e in c_parser_objc_class_definition ../../gcc/c/c-parser.c:9566
    #4 0x900698 in c_parser_translation_unit ../../gcc/c/c-parser.c:1524
    #5 0x900698 in c_parse_file() ../../gcc/c/c-parser.c:18428
    #6 0x9c1eff in c_common_parse_file() ../../gcc/c-family/c-opts.c:1132
    #7 0x190e06b in compile_file ../../gcc/toplev.c:455
    #8 0x618a6d in do_compile ../../gcc/toplev.c:2132
    #9 0x618a6d in toplev::main(int, char**) ../../gcc/toplev.c:2267
    #10 0x6233f4 in main ../../gcc/main.c:39
    #11 0x7f9c1d6786e4 in __libc_start_main (/lib64/libc.so.6+0x206e4)
    #12 0x624588 in _start (/home/mliska/Programming/gcc/objdir/gcc/cc1obj+0x624588)

Address 0x7ffddc1c45e9 is located in stack of thread T0
SUMMARY: AddressSanitizer: dynamic-stack-buffer-overflow ../../../../libsanitizer/asan/asan_interceptors.cc:391 in __interceptor_strcpy
Shadow bytes around the buggy address:
  0x10003b830860: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003b830870: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003b830880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003b830890: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003b8308a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10003b8308b0: 00 00 00 00 00 00 00 00 ca ca ca ca 00[01]cb cb
  0x10003b8308c0: cb cb cb cb 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003b8308d0: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04 f2
  0x10003b8308e0: f2 f2 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
  0x10003b8308f0: f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003b830900: 00 00 00 f2 f3 f3 f3 f3 00 00 00 00 00 00 00 00

It's simple to fix, let me do that.

