[Bug sanitizer/105405] missed buffer-overflow in -O0

jakub at gcc dot gnu.org via Gcc-bugs Thu, 28 Apr 2022 02:04:43 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105405


Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|WAITING                     |RESOLVED

--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
j[5][1].h is 36 after the end of a array, that is definitely too far.
Red zone can be 16 bytes or even less in certain cases (e.g. in the PR105396
case it is 12 bytes in between d and b variables).
ASan mostly protects against buffer overflows, something accesses the last byte
of a variable, then the byte after it, ... (or similarly the first byte of a
variable, then the byte before it, ...).
-fsanitize=undefined on the other side includes the bounds sanitizer that
verifies array indexes by comparing them against the number of elements the
array has.

[Bug sanitizer/105405] missed buffer-overflow in -O0

Reply via email to