Bug#949191: clang-8: uses regexec without support for REG_STARTEND with -fsanitize=address

brian m. carlson sandals at crustytoothpaste.net
Fri Jan 17 23:34:32 GMT 2020


Package: clang-8
Version: 1:8.0.1-4
Severity: normal

When clang-8 compiles with -fsanitize=address, it substitutes any calls
to regexec with a version that does not support REG_STARTEND.  This
makes code that is compiled fail unexpectedly or even produce spurious
sanitization errors, since with that option the buffer need not be
NUL-terminated.

While REG_STARTEND is not in POSIX, it is found on the BSDs and Linux
and users may reasonably rely on the fact that it is present on those
systems.

This issue has caused a bug in the Git testsuite as seen at
https://lore.kernel.org/git/20200117174931.GA8958@coredump.intra.peff.net/T/#t.

I've attached a testcase.  Without -fsanitize=address, it succeeds
silently.  With -fsanitize=address, it fails and prints an error.

Please either fix the regexec implementation such that it is fully
functional compared to the version in glibc or disable the sanitization
of regexec until it has feature parity.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages clang-8 depends on:
ii  binutils               2.33.50.20200115-2
ii  libc6                  2.29-9
ii  libc6-dev              2.29-9
ii  libclang-common-8-dev  1:8.0.1-4
ii  libclang1-8            1:8.0.1-4
ii  libgcc-8-dev           8.3.0-26
ii  libgcc-s1 [libgcc1]    10-20200107-1
ii  libgcc1                1:9.2.1-23
ii  libllvm8               1:8.0.1-4
ii  libobjc-8-dev          8.3.0-26
ii  libstdc++-8-dev        8.3.0-26
ii  libstdc++6             9.2.1-23

Versions of packages clang-8 recommends:
ii  libomp-8-dev  1:8.0.1-4
ii  llvm-8-dev    1:8.0.1-4
ii  python3       3.7.5-3

Versions of packages clang-8 suggests:
pn  clang-8-doc  <none>

-- no debconf information

-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.c
Type: text/x-csrc
Size: 467 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-llvm-team/attachments/20200117/90be8ab1/attachment.c>
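
The behaviour the report describes can be checked with a small probe like the one below. It is an added example, not the scrubbed test.c attachment and not the reporter's code; the function names and sample strings are constructed for illustration.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* Search buf[off..end) without needing a NUL terminator. Returns regexec()'s
 * result (or -1 if regcomp fails); offsets in *m are relative to buf. */
static int search_window(const char *pat, const char *buf, size_t off,
                         size_t end, regmatch_t *m)
{
    regex_t re;
    if (regcomp(&re, pat, REG_EXTENDED) != 0)
        return -1;
    m->rm_so = (regoff_t)off;   /* REG_STARTEND reads the window from pmatch[0] */
    m->rm_eo = (regoff_t)end;
    int rc = regexec(&re, buf, 1, m, REG_STARTEND);
    regfree(&re);
    return rc;
}

/* 1 if the linked regexec() honours REG_STARTEND, 0 if it ignores the flag.
 * The buffer is NUL-terminated so the probe is safe in both cases. */
static int regexec_honours_startend(void)
{
    static const char s[] = "foo bar foo";   /* constructed sample input */
    regmatch_t m;
    /* Window "bar" (4..7): ignoring the flag would find "foo" at offset 0. */
    if (search_window("foo", s, 4, 7, &m) != REG_NOMATCH)
        return 0;
    /* Window 4..11: the only in-window match is the second "foo" at 8..11. */
    return search_window("foo", s, 4, 11, &m) == 0 && m.rm_so == 8 && m.rm_eo == 11;
}

/* The case from the report: a buffer with no terminating NUL.
 * Returns the start offset of the match, or -1 if there is none. */
static long match_in_unterminated(void)
{
    char buf[9];                             /* exactly 9 bytes: no room for a NUL */
    regmatch_t m;
    memcpy(buf, "key=value", sizeof(buf));   /* constructed sample input */
    return search_window("=[a-z]+", buf, 0, sizeof(buf), &m) == 0 ? (long)m.rm_so : -1;
}

int main(void)
{
    int ok = regexec_honours_startend();
    printf("REG_STARTEND honoured: %s\n", ok ? "yes" : "no");
    if (ok)   /* only touch the unterminated buffer when the window is respected */
        printf("match at offset %ld\n", match_in_unterminated());
    return !ok;
}
```

Building it once without and once with -fsanitize=address shows whether the two builds treat REG_STARTEND the same way.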