
[perl #130270] fuzzing testcase triggers LeakSanitizer over 101 byte memory leak

From: Tony Cook via RT
Date: January 21, 2019 04:19
Subject: [perl #130270] fuzzing testcase triggers LeakSanitizer over 101 byte memory leak
Message ID: rt-4.0.24-7406-1548044361-357.130270-15-0@perl.org

On Mon, 05 Dec 2016 16:27:55 -0800, tonyc wrote:
> On Mon, 05 Dec 2016 10:52:13 -0800, brian.carpenter@gmail.com wrote:
> > Triggered with Perl v5.25.7-26-g7332835. I've never seen this before with
> > Perl, not sure if it is even a bug or just an unlucky test case generated
> > by AFL.
> >
> > ./perl test269
> 
> This looks like more than one bug, with some interactions between
> them.
> 
> If I build blead with -DDEBUGGING -Doptimize=-O0\ -g and run your
> code as "130270.pl" I see the leak you describe under valgrind -
> sometimes:

Looking at this now:

$ ./perl -Ilib -MO=Deparse ../130270.pl
$$0 ^= ($0 |= (*0 = *aHH::HHMHHHHHHHOH)), *& = ($$0 ^= ($0 |= (*0 = *aHH::HHMHHHHHHHOH = *& = *a6))) foreach (('b') x 56);
'???';

it looks like another stack-not-refcounted bug.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=130270


