make buffer under-read while parsing conditional variables
This was discovered after building a 64-bit version of make. The 32-bit version also suffers from the same problem, but for some reason it doesn't cause it to core dump. Here's the dump from the 64-bit version:
root@omnios:/root/illumos-gate# pstack usr/src/lib/libsocket/amd64/core
core 'usr/src/lib/libsocket/amd64/core' of 15744:	/root/illumos-gate/usr/src/tools/make/bin/make install
 fffffd7fff240bb8 wcscmp (fffffd83ffdfa580, fffffd7fffdf955c) + 18
 0000000000410111 _ZL24add_pattern_conditionalsP5_Name () + 100
 000000000041254f _Z6donameP5_Name7BooleanS1_S1_ () + 329
 00000000004187b2 _ZL12make_targetsiPPc7Boolean () + 34
 000000000041b58c main () + 2666
 000000000040d3fc _start () + 6c
Edit: To clarify, the issue is in the add_pattern_conditionals function in usr/src/cmd/make/bin/doname.cc which does some arithmetic when matching patterns with targets. For some targets it ends up passing a negative value to get_string() which returns an invalid address. When this address is passed to wcscmp (behind the IS_WEQUAL macro) make dumps.
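To make the failure mode concrete, here is an added toy example in C. It is not illumos make's add_pattern_conditionals() and does not reproduce its code: the split of a '%' pattern into a literal prefix and suffix, the acceptance of an empty stem, and the function names suffix_offset_unchecked() and pattern_matches() are all assumptions of the example. It shows the unchecked length arithmetic that goes negative for a target shorter than the pattern's literal parts, and the length check that a hardened matcher performs before forming any pointer to hand to wcscmp().

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

/*
 * Toy '%'-pattern matcher (assumed behaviour, NOT illumos make's code).
 * A pattern such as "lib%.so" is split at the '%' into a literal prefix
 * ("lib") and a literal suffix (".so"). A target matches when it starts
 * with the prefix and ends with the suffix; the suffix comparison starts
 * at offset target_len - suffix_len into the target buffer.
 */

/*
 * The arithmetic as a buggy matcher would do it: no range check, so a
 * target shorter than the literal suffix yields a negative offset. Adding
 * that offset to the buffer base would hand wcscmp() an address before
 * the allocation, which is the shape of under-read the report describes.
 * This function only returns the offset; it never forms the bad pointer.
 */
long
suffix_offset_unchecked(const wchar_t *pattern, const wchar_t *target)
{
	const wchar_t *pct = wcschr(pattern, L'%');
	size_t suffix_len = (pct != NULL) ? wcslen(pct + 1) : wcslen(pattern);

	return (long)wcslen(target) - (long)suffix_len;
}

/*
 * Hardened matcher: validate the lengths before any pointer arithmetic,
 * so the offset used for the suffix comparison is provably non-negative.
 */
bool
pattern_matches(const wchar_t *pattern, const wchar_t *target)
{
	const wchar_t *pct = wcschr(pattern, L'%');
	size_t prefix_len, suffix_len, target_len = wcslen(target);

	if (pct == NULL)
		return wcscmp(pattern, target) == 0;	/* literal name */

	prefix_len = (size_t)(pct - pattern);
	suffix_len = wcslen(pct + 1);

	/*
	 * The check that prevents the under-read: the target must be long
	 * enough to hold both literal parts. (An empty stem is accepted
	 * here; that is an assumption of this toy, not make's rule.)
	 */
	if (target_len < prefix_len + suffix_len)
		return false;

	if (wcsncmp(pattern, target, prefix_len) != 0)
		return false;

	/* target_len - suffix_len cannot underflow after the check above */
	return wcscmp(target + (target_len - suffix_len), pct + 1) == 0;
}

int
main(void)
{
	/* constructed sample pattern and targets, not from the report */
	const wchar_t *pattern = L"lib%.so";
	const wchar_t *targets[] = { L"libfoo.so", L"lib.so", L"foo.so", L"x" };
	size_t i;

	for (i = 0; i < sizeof (targets) / sizeof (targets[0]); i++) {
		printf("%-10ls offset=%ld match=%d\n", targets[i],
		    suffix_offset_unchecked(pattern, targets[i]),
		    (int)pattern_matches(pattern, targets[i]));
	}
	return 0;
}
```

The target "x" against "lib%.so" is the interesting case: the unchecked arithmetic yields an offset of -2, and a matcher that adds that to the buffer base before comparing would read before the allocation; the hardened matcher rejects it on length alone and never forms the pointer.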
Updated by Electric Monk over 4 years ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
commit 67c3092ccd4e8c261df7eded9df072ff9c4e330b
Author: Andrew Stormont <firstname.lastname@example.org>
Date:   2016-07-26T17:24:12.000Z

    7214 make buffer under-read while parsing conditional variables
    Reviewed by: Richard Lowe <email@example.com>
    Reviewed by: Robert Mustacchi <firstname.lastname@example.org>
    Approved by: Dan McDonald <email@example.com>