Bug#949192: gcc-10: uses regexec without support for REG_STARTEND with -fsanitize=address

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#949192: gcc-10: uses regexec without support for REG_STARTEND with -fsanitize=address
From: "brian m. carlson" <sandals@crustytoothpaste.net>
Date: Fri, 17 Jan 2020 23:37:12 +0000
Message-id: <[🔎] 20200117233712.GA3846216@camp.crustytoothpaste.net>
Reply-to: "brian m. carlson" <sandals@crustytoothpaste.net>, 949192@bugs.debian.org

Package: libasan6
Version: 10-20200107-1
Severity: normal

When gcc-10 compiles with -fsanitize=address, it substitutes any calls
to regexec with a version that does not support REG_STARTEND.  This
makes code that is compiled fail unexpectedly or even produce spurious
sanitization errors, since with that option the buffer need not be
NUL-terminated.

While REG_STARTEND is not in POSIX, it is found on the BSDs and Linux
and users may reasonably rely on the fact that it is present on those
systems.

This issue has caused a bug in the Git testsuite as seen at
https://lore.kernel.org/git/20200117174931.GA8958@coredump.intra.peff.net/T/#t.

I've attached a testcase.  Without -fsanitize=address, it succeeds
silently.  With -fsanitize=address, it fails and prints an error.

Please either fix the regexec implementation such that it is fully
functional compared to the version in glibc or disable the sanitization
of regexec until it has feature parity.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libasan6 depends on:
ii  gcc-10-base  10-20200107-1
ii  libc6        2.29-9
ii  libgcc-s1    10-20200107-1

libasan6 recommends no packages.

libasan6 suggests no packages.

-- no debconf information

-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204

#include <stdio.h>
#include <sys/types.h>
#include <regex.h>

int main(void)
{
    regex_t r;
    const char s[] = "ban\0ana";
    regmatch_t pmatch[10];
    pmatch[0].rm_so = 0;
    pmatch[0].rm_eo = sizeof(s);
    if (regcomp(&r, "ana", 0))
        return 2;
    if (regexec(&r, s, sizeof(pmatch)/sizeof(pmatch[0]), pmatch, REG_STARTEND)) {
        fprintf(stderr, "failed to match\n");
        regfree(&r);
        return 3;
    }
    regfree(&r);
    return 0;
}

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Processed: Re: g++: internal compiler error on beignet
Next by Date: Results for 10.0.1 20200117 (experimental) (Debian 10-20200117-2) testsuite on arm-unknown-linux-gnueabihf
Previous by thread: gcc-10_10-20200117-2_source.changes ACCEPTED into experimental
Next by thread: Results for 10.0.1 20200117 (experimental) (Debian 10-20200117-2) testsuite on arm-unknown-linux-gnueabihf
Index(es):
- Date
- Thread