ahatanak added a comment.

In http://reviews.llvm.org/D20334#439248, @bcraig wrote:

> ASAN is complaining about an excessively large read.  If the problem was in 
> overflow, I would expect ASAN to complain about an out-of-bounds write 
> instead.


According to the example shown in the link below, ASAN is complaining about an 
out-of-bounds read:

https://github.com/google/sanitizers/wiki/AddressSanitizerExampleHeapOutOfBounds

This happens because epptr is not set correctly in strstreambuf::overflow. This 
causes the null terminator to be written to the wrong location, which causes 
strlen to keep reading the characters past the end of the allocated block.

strstreambuf::overflow is allocating a memory block that is sufficiently large, 
so ASAN doesn't complain about an out-of-bounds write.


http://reviews.llvm.org/D20334
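Added example, not code from the review or from libc++: a minimal growable output streambuf (constructed for this illustration, named GrowBuf here) whose overflow() re-derives pbase/pptr/epptr from the newly allocated block, an invariant check that catches a stale epptr after growth, and a bounded terminator search to use in place of strlen on a buffer whose terminator may be missing. The initial capacity, the doubling policy and the helper names are assumptions of this example.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <ostream>
#include <streambuf>
#include <vector>

// Minimal growable output streambuf, constructed for this example (it is not
// libc++'s strstreambuf). It keeps the same three put-area pointers every
// std::streambuf uses: pbase() (start), pptr() (next write), epptr() (end).
class GrowBuf : public std::streambuf {
public:
    explicit GrowBuf(std::size_t initial = 16) : block_(initial) {
        setp(block_.data(), block_.data() + block_.size());
    }

    // Number of characters written so far.
    std::size_t pcount() const { return static_cast<std::size_t>(pptr() - pbase()); }
    std::size_t capacity() const { return block_.size(); }
    const char* data() const { return block_.data(); }

    // The put area must describe the current block exactly. An epptr left
    // pointing at the old block's end (or at the old size) fails this check.
    bool invariants_ok() const {
        return pbase() == block_.data()
            && pptr() >= pbase()
            && epptr() == block_.data() + block_.size()
            && pptr() <= epptr();
    }

protected:
    int_type overflow(int_type ch) override {
        if (traits_type::eq_int_type(ch, traits_type::eof()))
            return traits_type::not_eof(ch);
        std::size_t used = pcount();
        // Grow the block. The storage may move, so every pointer is recomputed
        // from the new block instead of being carried over from the old one.
        block_.resize(block_.size() * 2);
        setp(block_.data(), block_.data() + block_.size());
        pbump(static_cast<int>(used));   // restore the write position
        *pptr() = traits_type::to_char_type(ch);
        pbump(1);
        return ch;
    }

private:
    std::vector<char> block_;
};

// Bounded replacement for strlen on a block of known size: length up to the
// first '\0', or -1 if no terminator lies inside the block. A plain strlen()
// on such a block keeps reading past the allocation, which is the
// heap-buffer-overflow READ that AddressSanitizer reports.
long terminated_length(const char* buf, std::size_t size) {
    const void* nul = std::memchr(buf, '\0', size);
    if (nul == nullptr) return -1;
    return static_cast<const char*>(nul) - buf;
}

struct Result {
    bool invariants;      // put area consistent with the block after growth
    long term_at;         // offset of the '\0', or -1 if outside the block
    std::size_t pcount;   // characters written, including the terminator
    std::size_t capacity; // size of the allocated block
};

// Write n characters through the stream, then std::ends (which writes '\0'
// through the put area, as strstream users typically do), and report where
// the terminator landed relative to the allocation.
Result write_and_terminate(std::size_t n) {
    GrowBuf sb(16);
    std::ostream out(&sb);
    for (std::size_t i = 0; i < n; ++i) out.put('x');
    out << std::ends;
    return { sb.invariants_ok(),
             terminated_length(sb.data(), sb.capacity()),
             sb.pcount(), sb.capacity() };
}

int main() {
    Result r = write_and_terminate(5000);   // forces several reallocations
    std::printf("invariants=%d terminator_at=%ld pcount=%zu capacity=%zu\n",
                r.invariants, r.term_at, r.pcount, r.capacity);
    return r.invariants && r.term_at >= 0 ? 0 : 1;
}
```

The invariant check is the part worth keeping in a test for any custom streambuf: after overflow() returns, epptr() must equal the end of the block that pbase() points into, otherwise the terminator (or later writes) is placed against the wrong end pointer. Consumers that receive the raw block should measure it with a size-bounded search rather than strlen, so a missing terminator is reported instead of read past.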



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
