Open
Description
I’ve scanned jinbooooom/linux with ASAN and it has triggered on linux/3rd/src/md5/md5.cpp line 158. I'm not sure whether this is an actual issue, or whether code of linux is too sophisticated for ASAN to understand. Do you guys have any idea?
Project version
linux: master
Operating system
compiler: gcc (Debian 12.2.0-14) 12.2.0
Ubuntu 22.04.4 LTS
Linux 5.15.0-125-generic #135-Ubuntu SMP Fri Sep 27 13:53:58 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
I did this
Launched linux/build/bin/md5
I expected the following
No problem reported by ASAN
I got the following
linux/build/bin/md5
==963==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffebfbf3340 at pc 0x7fb394cd19ed bp 0x7ffebfbf3030 sp 0x7ffebfbf27e0
WRITE of size 3 at 0x7ffebfbf3340 thread T0
#0 0x7fb394cd19ec in __interceptor_vsprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1684
#1 0x7fb394cd1bee in __interceptor_sprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1727
#2 0x7fb394c30ad3 in md5str(unsigned char*, char*) linux/3rd/src/md5/md5.cpp:158
Metadata
Metadata
As 3413 signees
Labels
No labels