[bug] make: two unsigned integer overflows in src/implicit.c

Thu, 12 Mar 2026 05:58:49 -0700 

Hello,

I would like to report two sanitizer-detected violations in GNU make 4.4.1.

I built make with sanitizers enabled using:

CC=clang
CFLAGS="-O1 -g -fno-omit-frame-pointer 
-fsanitize=address,undefined,integer,bounds"
LDFLAGS="-fsanitize=address,undefined,integer,bounds"


Observed results:

/root/build/make-4.4.1/src/implicit.c:192:40: runtime error: unsigned integer 
overflow: 0 - 1 cannot be represented in type 'unsigned int'
#0 0x52e09a in stemlen_compare /root/build/make-4.4.1/src/implicit.c:192:40
#1 0x47d3c9 in qsort (/work/build/make-4.4.1/obj-gcov2/make+0x47d3c9)
#2 0x52193a in pattern_search /root/build/make-4.4.1/src/implicit.c:431:5
#3 0x51eef0 in try_implicit_rule /root/build/make-4.4.1/src/implicit.c:48:7
#4 0x5a1cd6 in update_file_1 /root/build/make-4.4.1/src/remake.c:557:7
#5 0x5972ca in update_file /root/build/make-4.4.1/src/remake.c:367:13
#6 0x595874 in update_goal_chain /root/build/make-4.4.1/src/remake.c:184:22
#7 0x551742 in main /root/build/make-4.4.1/src/main.c:2448:18
#8 0x79bd73f2fc86 in __libc_start_main 
/build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:310
#9 0x420f19 in _start (/work/build/make-4.4.1/obj-gcov2/make+0x420f19)

/root/build/make-4.4.1/src/implicit.c:191:30: runtime error: unsigned integer 
overflow: 1 - 3 cannot be represented in type 'unsigned long'
#0 0x52df3b in stemlen_compare /root/build/make-4.4.1/src/implicit.c:191:30
#1 0x47d3c9 in qsort (/work/build/make-4.4.1/obj-gcov2/make+0x47d3c9)
#2 0x52193a in pattern_search /root/build/make-4.4.1/src/implicit.c:431:5
#3 0x528206 in pattern_search /root/build/make-4.4.1/src/implicit.c:896:27
#4 0x51eef0 in try_implicit_rule /root/build/make-4.4.1/src/implicit.c:48:7
#5 0x5a1cd6 in update_file_1 /root/build/make-4.4.1/src/remake.c:557:7
#6 0x5972ca in update_file /root/build/make-4.4.1/src/remake.c:367:13
#7 0x595874 in update_goal_chain /root/build/make-4.4.1/src/remake.c:184:22
#8 0x551742 in main /root/build/make-4.4.1/src/main.c:2448:18
#9 0x79bd73f2fc86 in __libc_start_main 
/build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:310
#10 0x420f19 in _start (/work/build/make-4.4.1/obj-gcov2/make+0x420f19)


Best regards,
Lingfeng Chen <https://aka.ms/GetOutlookForMac>

Reply via email to