Refactor to avoid sanitize warnings when accessing the variable size ovector in
the backtracking frame. Fixes oss-fuzz issue 1465. Also make -bigstack in
RunTest allocate a 64Mb stack for use with clang sanitizing.
ph10 2017-05-10 18:21:03 +00:00
parent a0231f7bd4
commit 7ef8d6c0e2
3 changed files with 14 additions and 2 deletions

@ -38,6 +38,9 @@ bugs were never in fully released code, but are noted here for the record.
(f) Refactor some code in do_callout() to avoid picky compiler warnings about (f) Refactor some code in do_callout() to avoid picky compiler warnings about
negative indices. Fixes oss-fuzz issue 1454. negative indices. Fixes oss-fuzz issue 1454.
(g) Similarly refactor the way the variable length ovector is addressed for
similar reasons. Fixes oss-fuzz issue 1465.
2. Now that pcre2_match() no longer uses recursive function calls (see above), 2. Now that pcre2_match() no longer uses recursive function calls (see above),
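Review bot: entry (g) says only "for similar reasons"; the reader of the ChangeLog has to go back to (f) to learn that this is about compiler/sanitizer complaints, and even then (f) talks about negative indices rather than the real trigger here. Suggest naming the tool that produced the warning, as the source comment in this commit does, e.g. "(g) Similarly refactor the way the variable length ovector in the backtrack frame is addressed, to avoid -fsanitize=undefined complaints. Fixes oss-fuzz issue 1465."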
@ -160,6 +163,9 @@ tests to improve coverage.
31. If more than one of "push", "pushcopy", or "pushtablescopy" were set in 31. If more than one of "push", "pushcopy", or "pushtablescopy" were set in
pcre2test, a crash could occur. pcre2test, a crash could occur.
32. Make -bigstack in RunTest allocate a 64Mb stack (instead of 16 MB) so that
all the tests can run with clang's sanitizing options.
Version 10.23 14-February-2017 Version 10.23 14-February-2017
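Review bot: unit spelling is inconsistent within the new entry 32 ("64Mb" versus "16 MB"); "Mb" normally reads as megabits, and the value is a stack size in megabytes, so use "MB" (or "MiB") for both and match the wording used in the commit message.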

@ -321,7 +321,7 @@ fi
$sim ./pcre2test -S 1 /dev/null /dev/null $sim ./pcre2test -S 1 /dev/null /dev/null
if [ $? -eq 0 -a "$bigstack" != "" ] ; then if [ $? -eq 0 -a "$bigstack" != "" ] ; then
setstack="-S 16" setstack="-S 64"
else else
setstack="" setstack=""
fi fi
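Review bot: the guard still probes with `-S 1` while the value actually used is now `-S 64`, so a successful probe only shows that pcre2test accepts -S, not that a 64MB stack can be obtained on this host; on a machine whose hard stack limit is below that, the probe passes and the real test run fails later with a less obvious error. Consider probing with the same size that will be used, i.e. `$sim ./pcre2test -S 64 /dev/null /dev/null`, or deriving `setstack` from a single variable so the two cannot drift apart again. Minor style point: `-a` inside `[ ... ]` is not portable across shells; `[ $? -eq 0 ] && [ "$bigstack" != "" ]` is.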

@ -182,9 +182,15 @@ of use and undefined afterwards. */
#define Foffset_top F->offset_top #define Foffset_top F->offset_top
#define Foccu F->occu #define Foccu F->occu
#define Fop F->op #define Fop F->op
#define Fovector F->ovector
#define Freturn_id F->return_id #define Freturn_id F->return_id
/* We need a cast for this one because F->ovector is a vector of size 2, at the
end of the backtrack frame, but when there are capturing parentheses the space
allocated is bigger so we want to be able to address more elements. Without the
case, -fsanitize=undefined grumbles at this. */
#define Fovector ((PCRE2_SIZE *)(F->ovector))
#ifdef DEBUG_FRAMES_DISPLAY #ifdef DEBUG_FRAMES_DISPLAY
/************************************************* /*************************************************
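Review bot: typo in the new comment, "Without the case" should read "Without the cast". It is also worth being explicit in that comment that the cast does not make the access safe, it only strips the array type so that -fsanitize=undefined no longer compares the index against the declared size of 2; correctness still rests entirely on the frame allocation reserving room for the larger ovector when there are capturing parentheses, so the size computation at the allocation site is where the real bound lives and should carry a matching note. If the struct layout allows it, a C99 flexible array member (`PCRE2_SIZE ovector[];`) would express the intent to both the compiler and the sanitizer without a cast.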