Dear GNU make developers,

How is it going with analyzing and fixing these bugs? Any feedback?

Best,
Jingxuan

On 30 Jun 2021, at 19:33, He Jingxuan 
<jingxuan...@inf.ethz.ch> wrote:

Dear GNU make developers,

We tested GNU make with an automatic tool (based on the fuzzer AFL). A number 
of test cases triggering UBSan integer overflow errors were generated. We 
manually checked those test cases and filtered out benign cases. Finally, we 
identified and reported 3 cases that could trigger bugs. Below is the information 
for reproducing the bugs.

- make version: 4.3
- operating system: Ubuntu 16.04.7
- compiler: clang version 6.0.0-1ubuntu2~16.04.1 (tags/RELEASE_600/final)
- compilation commands:
   mkdir obj
   cd obj
   CC=clang CFLAGS="-g -O1 -Xclang -disable-llvm-passes -D__NO_STRING_INLINES 
-D_FORTIFY_SOURCE=0 -U__OPTIMIZE__ -fsanitize=signed-integer-overflow 
-fsanitize=unsigned-integer-overflow -fsanitize=shift -fsanitize=bounds 
-fsanitize=pointer-overflow -fsanitize=null" ../configure --disable-nls 
--disable-largefile --disable-job-server --disable-load
   make
- inputs: the input files are attached

bug 1 command: make -n -f make1.input
relevant error message: ../src/read.c:2354:64: runtime error: unsigned integer 
overflow: 27 - 18446744073709551615 cannot be represented in type 'unsigned 
long'

bug 2 command: make -n -f make2.input
relevant error message: ../src/read.c:2397:64: runtime error: unsigned integer 
overflow: 1 - 18446744073709551607 cannot be represented in type 'unsigned long'

bug 3 command: make -n -f make3.input
relevant error message: ../src/read.c:2523:56: runtime error: unsigned integer 
overflow: 1 - 18446744073709551609 cannot be represented in type 'unsigned long'

Best,
Jingxuan

<make1.input><make2.input><make3.input>
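The three UBSan lines quoted in the report can be triaged mechanically. What follows is an added example, not code from the report or from GNU make: it parses constructed copies of those three lines, computes the value the wrapped subtraction actually produced, reads the subtrahend back as a signed number (each one is a small negative value, -1, -9 and -7, that ended up in an unsigned long), and shows a checked subtraction a fix could use instead. It assumes a 64-bit `unsigned long` and two's-complement conversion, which is what the value 18446744073709551615 (2^64 - 1) in the report implies; the function names are the example's own.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed copies of the three UBSan lines quoted in the report
 * (the file:line:col prefixes are the ones given in the mail). */
static const char *REPORTED[] = {
    "../src/read.c:2354:64: runtime error: unsigned integer overflow: "
    "27 - 18446744073709551615 cannot be represented in type 'unsigned long'",
    "../src/read.c:2397:64: runtime error: unsigned integer overflow: "
    "1 - 18446744073709551607 cannot be represented in type 'unsigned long'",
    "../src/read.c:2523:56: runtime error: unsigned integer overflow: "
    "1 - 18446744073709551609 cannot be represented in type 'unsigned long'",
};

/* Extract the two operands of an "A - B" unsigned-overflow line.
 * Returns false if the line does not have that shape. */
bool parse_ubsan_sub(const char *line, uint64_t *a, uint64_t *b)
{
    const char *p = strstr(line, "unsigned integer overflow: ");
    if (!p)
        return false;
    p += strlen("unsigned integer overflow: ");
    return sscanf(p, "%" SCNu64 " - %" SCNu64, a, b) == 2;
}

/* The value the program actually used: modular subtraction. This is well
 * defined for unsigned types in C; UBSan only reports it because the build
 * asked for -fsanitize=unsigned-integer-overflow, which is why such reports
 * still need manual triage (a wrap can be benign or a real logic error). */
uint64_t wrapping_sub(uint64_t a, uint64_t b)
{
    return a - b;
}

/* Reinterpret the subtrahend as a signed offset (assumes two's complement,
 * as on the 64-bit Linux build described in the report). */
int64_t as_signed(uint64_t b)
{
    return (int64_t)b;
}

/* Checked variant: report the underflow instead of silently wrapping.
 * Returns true on success and stores the difference in *out. */
bool checked_sub(uint64_t a, uint64_t b, uint64_t *out)
{
    return !__builtin_sub_overflow(a, b, out);
}

int main(void)
{
    for (size_t i = 0; i < sizeof REPORTED / sizeof *REPORTED; i++) {
        uint64_t a, b, r;
        if (!parse_ubsan_sub(REPORTED[i], &a, &b))
            continue;
        printf("%" PRIu64 " - %" PRIu64 " wraps to %" PRIu64
               " (subtrahend is %" PRId64 " as signed); checked_sub: %s\n",
               a, b, wrapping_sub(a, b), as_signed(b),
               checked_sub(a, b, &r) ? "ok" : "underflow");
    }
    return 0;
}
```

Run on the three reported lines, the wrapped results are 28, 10 and 8, i.e. the subtraction behaved like an addition of 1, 9 and 7; whether that is the intended arithmetic or a sign error in the length handling is exactly the question the maintainers have to answer at each of the three read.c locations.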