-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crashes in test-{smith-form-valence,regression}
compiling with -D_FORTIFY_SOURCE=3
#304
Comments
Thank you for the report. |
I looked into this a bit, since we’re seeing this in Fedora Linux too. I was able to reproduce it with optimization flags Detailed At the time of the segfault in linbox/linbox/blackbox/apply.h Line 596 in 2fb9564
where linbox/linbox/blackbox/apply.h Line 589 in 2fb9564
linbox/linbox/blackbox/apply.h Line 594 in 2fb9564
At the segfault, linbox/linbox/blackbox/apply.h Line 632 in 2fb9564
and then another linbox/linbox/blackbox/apply.h Line 634 in 2fb9564
Since 8 bytes are accessed, this overruns the buffer by one byte. Now the question is, where is the error? |
I can confirm that adjusting the formula for the size of |
To find the size needed, we need the maximum value of |
An alternative solution would be to add 1 to the value of |
Fixes linbox-team#304 by adding one byte to the allocated size, based on the rationale offered by Jerry James, @jamesjer, in linbox-team#304. In addition, a new local variable is introduced for the size in question to reduce repetition.
NixOS now builds all packages with
-D_FORTIFY_SOURCE=3
. This causes two tests,test-smith-form-valence
andtest-regression
, to fail with buffer overflows. To avoid duplication, I will only post the relevant details fortest-smith-form-valence
. The test printsand the stack trace is
This happens on the latest release (tag
v1.7.0
to be precise).The text was updated successfully, but these errors were encountered: