We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Our Gentoo Tinderbox reported a test failure at bug 914094
Looking at test-suite.log I can see that it fails because of a stack-buffer-overflow:
FAIL: ical-012.sh ================= ================================================================= ==679==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7efd3d8125df at pc 0x5654ab7a5229 bp 0x7ffff80873e0 sp 0x7ffff80873d0 READ of size 1 at 0x7efd3d8125df thread T0 #0 0x5654ab7a5228 in ical_readline /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/ical.c:693 #1 0x5654ab7a7c61 in ical_chk_header /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/ical.c:723 #2 0x5654ab7a7c61 in ical_import_data /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/ical.c:1878 #3 0x5654ab7b742d in io_import_data /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/io.c:1303 #4 0x5654ab78cfad in parse_args /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/args.c:966 #5 0x5654ab675c8e in main /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/calcurse.c:709 #6 0x7efd3ee23c89 (/lib64/libc.so.6+0x23c89) #7 0x7efd3ee23d44 in __libc_start_main (/lib64/libc.so.6+0x23d44) #8 0x5654ab677340 in _start (/var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/calcurse+0x2c340) Address 0x7efd3d8125df is located in stack of thread T0 at offset 9695 in frame #0 0x5654ab7a764f in ical_import_data /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/ical.c:1873 This frame has 39 object(s): [48, 49) 'c' (line 875) [64, 68) 'major' (line 1875) [80, 84) 'minor' (line 1875) [96, 100) 'bytes_read' (line 876) [112, 116) 'week' (line 877) [128, 132) 'day' (line 877) [144, 148) 'mon' (line 927) [160, 164) 'n' (line 928) [176, 180) 'mday' (line 948) [192, 196) 'n' (line 949) [208, 212) 'order' (line 970) [224, 228) 'n' (line 970) [240, 248) 'fmt' (line 472) [272, 280) 'p' (line 1358) [304, 312) 'dtstart' (line 1359) [336, 344) 'dtend' (line 1359) [368, 376) 'duration' (line 1359) [400, 408) 'rrule' (line 1359) [432, 440) 'until' (line 1553) [464, 472) 'msg' (line 1555) [496, 504) 'freqstr' (line 1066) [528, 536) 'note' (line 1868) [560, 568) 'note' (line 1868) [592, 600) 'p' (line 1723) [624, 632) 'note' (line 1868) [656, 668) 'vparam' (line 761) [688, 700) 'vparam' (line 761) [720, 732) 'vparam' (line 761) [752, 768) 's' (line 1360) [784, 800) 'exdate' (line 1360) [816, 832) 's' (line 1724) [848, 865) 'datestr' (line 1066) [912, 960) 'vtodo' (line 1729) [992, 1072) 'tmp' (line 552) [1104, 1216) 'vevent' (line 1369) [1248, 9440) 'buf' (line 1874) [9696, 17888) 'lstore' (line 1874) <== Memory access at offset 9695 underflows this variable [18144, 26336) 'msg' (line 581) [26592, 34784) 'msg' (line 525) HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow /var/tmp/portage/app-office/calcurse-4.8.1/work/calcurse-4.8.1/src/ical.c:693 in ical_readline Shadow bytes around the buggy address: 0x7efd3d812300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812480: 00 00 00 00 00 00 00 00 00 00 00 00 f2 f2 f2 f2 0x7efd3d812500: f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 =>0x7efd3d812580: f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2[f2]00 00 00 00 0x7efd3d812600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x7efd3d812800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==679==ABORTING
If I can do more, please let me know.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Our Gentoo Tinderbox reported a test failure at bug 914094
Looking at test-suite.log I can see that it fails because of a stack-buffer-overflow:
If I can do more, please let me know.
The text was updated successfully, but these errors were encountered: