Hi colleagues,

I've recently come across discussions of invalid qsort comparators (and the unpleasant consequences which they may have) at https://www.openwall.com/lists/oss-security/2024/01/30/7 and https://www.openwall.com/lists/oss-security/2024/06/24/3
I myself have run into similar issues in the past and ended up developing a dynamic checker to detect them automatically: https://github.com/yugr/sortcheck (and its C++ analog at https://github.com/yugr/sortcheckxx for std::sort and other relevant STL APIs).

Even with a very basic setup (semi-automatic testing of Debian packages, no fuzzing) the tool was able to find numerous bugs in open-source programs (see e.g. https://github.com/yugr/sortcheck?tab=readme-ov-file#what-are-current-results). I believe many (10x) more bugs are still out there, waiting for more patient testers.

Please let me know if someone is interested in applying these tools to their programs/distros.

Best regards,
Yury "yugr" Gribov

PS: In case anyone wants more background on comparators, here is a presentation with some general theory, the most popular errors and an overview of existing tooling: https://github.com/yugr/CppRussia/blob/master/2023/EN.pdf
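Added example, not part of the original message and not code from sortcheck: a brute-force check of the ordering axioms a qsort comparator must satisfy (reflexivity, antisymmetry, transitivity), run against two commonly seen broken comparators. The function names, result codes and sample arrays are constructed for illustration, and a 32-bit int is assumed.

```c
#include <stddef.h>
#include <stdio.h>
typedef int (*cmp_fn)(const void *, const void *);
enum { CMP_VALID, NOT_REFLEXIVE, NOT_ANTISYMMETRIC, NOT_TRANSITIVE };

const int SMALL[3] = { -3, 0, 7 };  /* constructed samples; 32-bit int assumed */
const int WIDE[3]  = { -2000000000, 0, 2000000000 };

static int sgn(int v) { return (v > 0) - (v < 0); }

/* Broken "return a - b" idiom. Unsigned math models the wraparound without
   signed-overflow UB; the cast back to int wraps on gcc/clang. */
int cmp_sub(const void *a, const void *b) {
    return (int)((unsigned)*(const int *)a - (unsigned)*(const int *)b);
}

/* Broken: yields only 0 or 1, so cmp(a,b) and cmp(b,a) never mirror. */
int cmp_bool(const void *a, const void *b) {
    return *(const int *)a > *(const int *)b;
}

/* Correct three-way comparison. */
int cmp_ok(const void *a, const void *b) {
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* Brute-force check of the ordering axioms over all pairs and triples. */
int check_comparator(cmp_fn cmp, const int *v, size_t n) {
    size_t i, j, k;
    for (i = 0; i < n; i++) {
        if (cmp(&v[i], &v[i]) != 0) return NOT_REFLEXIVE;
        for (j = 0; j < n; j++)
            if (sgn(cmp(&v[i], &v[j])) != -sgn(cmp(&v[j], &v[i])))
                return NOT_ANTISYMMETRIC;
    }
    for (i = 0; i < n; i++)
        for (j = 0; j < n; j++)
            for (k = 0; k < n; k++)
                if (cmp(&v[i], &v[j]) <= 0 && cmp(&v[j], &v[k]) <= 0 &&
                    cmp(&v[i], &v[k]) > 0) return NOT_TRANSITIVE;
    return CMP_VALID;
}

int main(void) {
    printf("cmp_ok/WIDE=%d cmp_sub/SMALL=%d cmp_sub/WIDE=%d cmp_bool/SMALL=%d\n",
           check_comparator(cmp_ok, WIDE, 3), check_comparator(cmp_sub, SMALL, 3),
           check_comparator(cmp_sub, WIDE, 3), check_comparator(cmp_bool, SMALL, 3));
    return 0;
}
```

The subtraction comparator passes on small values and only fails once differences exceed the int range, which is why such bugs survive ordinary testing.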