Package: clang-8
Version: 1:8.0.1-4
Severity: normal

When clang-8 compiles with -fsanitize=address, it substitutes any calls
to regexec with a version that does not support REG_STARTEND.  This
makes code that is compiled fail unexpectedly or even produce spurious
sanitization errors, since with that option the buffer need not be
NUL-terminated.

While REG_STARTEND is not in POSIX, it is found on the BSDs and Linux
and users may reasonably rely on the fact that it is present on those
systems.

This issue has caused a bug in the Git testsuite as seen at
https://lore.kernel.org/git/20200117174931.ga8...@coredump.intra.peff.net/T/#t.

I've attached a testcase.  Without -fsanitize=address, it succeeds
silently.  With -fsanitize=address, it fails and prints an error.

Please either fix the regexec implementation such that it is fully
functional compared to the version in glibc or disable the sanitization
of regexec until it has feature parity.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages clang-8 depends on:
ii  binutils               2.33.50.20200115-2
ii  libc6                  2.29-9
ii  libc6-dev              2.29-9
ii  libclang-common-8-dev  1:8.0.1-4
ii  libclang1-8            1:8.0.1-4
ii  libgcc-8-dev           8.3.0-26
ii  libgcc-s1 [libgcc1]    10-20200107-1
ii  libgcc1                1:9.2.1-23
ii  libllvm8               1:8.0.1-4
ii  libobjc-8-dev          8.3.0-26
ii  libstdc++-8-dev        8.3.0-26
ii  libstdc++6             9.2.1-23

Versions of packages clang-8 recommends:
ii  libomp-8-dev  1:8.0.1-4
ii  llvm-8-dev    1:8.0.1-4
ii  python3       3.7.5-3

Versions of packages clang-8 suggests:
pn  clang-8-doc  <none>

-- no debconf information

-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204

#include <stdio.h>
#include <sys/types.h>
#include <regex.h>

int main(void)
{
    regex_t r;
    const char s[] = "ban\0ana";
    regmatch_t pmatch[10];
    pmatch[0].rm_so = 0;
    pmatch[0].rm_eo = sizeof(s);
    if (regcomp(&r, "ana", 0))
        return 2;
    if (regexec(&r, s, sizeof(pmatch)/sizeof(pmatch[0]), pmatch, REG_STARTEND)) {
        fprintf(stderr, "failed to match\n");
        regfree(&r);
        return 3;
    }
    regfree(&r);
    return 0;
}
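
Added example, not part of the original report and not code from Git, glibc or LLVM: a caller-side guard that probes at run time whether regexec() actually honours REG_STARTEND and otherwise falls back to matching a NUL-terminated copy of the range. The function names startend_works and regexec_range are hypothetical, and the fallback cannot match past an embedded NUL.

```c
#include <regex.h>
#include <stdlib.h>
#include <string.h>

/* Runtime probe: 1 if regexec() honours REG_STARTEND, 0 if the flag is
 * missing or silently ignored (the behaviour the report describes). */
int startend_works(void)
{
    static int ok = -1;                        /* cached probe result */
#ifdef REG_STARTEND
    static const char probe[] = "ban\0ana";    /* constructed sample */
    regex_t re;
    regmatch_t m;
    if (ok >= 0 || regcomp(&re, "ana", 0))
        return ok > 0;
    m.rm_so = 0;
    m.rm_eo = sizeof(probe) - 1;               /* range spans the NUL */
    ok = regexec(&re, probe, 1, &m, REG_STARTEND) == 0 &&
         m.rm_so == 4 && m.rm_eo == 7;
    regfree(&re);
#endif
    return ok > 0;
}

/* Match re in buf[start..end); offsets in *m are relative to buf. */
int regexec_range(const regex_t *re, const char *buf,
                  size_t start, size_t end, regmatch_t *m)
{
    size_t len = end - start;
    char *copy;
    int rc;
#ifdef REG_STARTEND
    if (startend_works()) {
        m->rm_so = (regoff_t)start;
        m->rm_eo = (regoff_t)end;
        return regexec(re, buf, 1, m, REG_STARTEND);
    }
#endif
    /* Fallback: NUL-terminated copy; cannot see past an embedded NUL. */
    if (!(copy = malloc(len + 1)))
        return REG_ESPACE;
    memcpy(copy, buf + start, len);
    copy[len] = '\0';
    if ((rc = regexec(re, copy, 1, m, 0)) == 0) {
        m->rm_so += (regoff_t)start;
        m->rm_eo += (regoff_t)start;
    }
    free(copy);
    return rc;
}
```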
