Hello list.

For some time now, building diff.exe with ASAN (on Windows-10)
causes it to trigger on illegal use of memcpy().
For example:

==3752==ERROR: AddressSanitizer: heap-use-after-free on address 0x121647e20772 at pc 0x7ffc6e93727e bp 0x00d589efdba0 sp 0x00d589efd330
WRITE of size 17 at 0x121647e20772 thread T0
    #0 0x7ffc6e93727d in __asan_memcpy D:\a\_work\1\s\src\vctools\asan\llvm\compiler-rt\li\asan\asan_interceptors_memintrinsics.cpp:22
    #1 0x7ff604834af1 in dir_read F:\MinGW32\src\gnu\GNU-diff\src\dir.c:101
    #2 0x7ff604832ec7 in diff_dirs F:\MinGW32\src\gnu\GNU-diff\src\dir.c:214
    #3 0x7ff60482dc37 in compare_files F:\MinGW32\src\gnu\GNU-diff\src\diff.c:1369
    #4 0x7ff604833b1b in diff_dirs F:\MinGW32\src\gnu\GNU-diff\src\dir.c:289
    #5 0x7ff60482dc37 in compare_files F:\MinGW32\src\gnu\GNU-diff\src\diff.c:1369
    #6 0x7ff60483270e in main F:\MinGW32\src\gnu\GNU-diff\src\diff.c:862
    ...

-----------------------

This causes Heap Corruption all over the place.

I'm not sure this is an issue with Gnulib or diff. But reverting this
patch:


diff --git a/src/dir.c b/src/dir.c
index ba9403b..773afeb 100644
--- a/src/dir.c
+++ b/src/dir.c
@@ -95,13 +95,9 @@ dir_read (struct file_data const *dir, struct dirdata 
*dirdata)
           if (excluded_file_name (excluded, d_name))
             continue;

-          while (data_alloc - data_used < d_size)
-            {
-              if (IDX_MAX / 2 <= data_alloc)
-                xalloc_die ();
-              dirdata->data = data = xirealloc (data, data_alloc *= 2);
-            }
-
+          if (data_alloc - data_used < d_size)
+           dirdata->data = xpalloc (dirdata->data, &data_alloc,
+                                    d_size - (data_alloc - data_used), -1, 1);
           memcpy (data + data_used, d_name, d_size);
           data_used += d_size;
           nnames++;
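
Review bot: the added xpalloc call stores its result only in dirdata->data, but the unchanged memcpy (data + data_used, d_name, d_size) right after it still writes through the local data, which the removed loop kept in sync with "dirdata->data = data = xirealloc (data, data_alloc *= 2);". If xpalloc moves the block when growing it, data is left pointing at the freed allocation, which would be consistent with the heap-use-after-free WRITE reported in dir_read at dir.c:101. Suggest assigning both, as in "dirdata->data = data = xpalloc (data, &data_alloc, ...)", so the copy targets the new buffer.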

--------

it works with ASAN too (although much slower).

--
--gv


