[Wesnoth-bugs] [bug #23608] UBSAN: findings while playing tutorial

2016-11-07 Thread Wedge009
Follow-up Comment #3, bug #23608 (project wesnoth):

The commentary on l_hashfloat() seems to suggest this is a conscious decision
to use a signed int. Is this a valid issue?

___

Reply to this item at:

  

___
  Message sent via/by Gna!
  http://gna.org/


___
Wesnoth-bugs mailing list
Wesnoth-bugs@gna.org
https://mail.gna.org/listinfo/wesnoth-bugs


[Wesnoth-bugs] [bug #23608] UBSAN: findings while playing tutorial

2015-06-27 Thread anonymous
Follow-up Comment #2, bug #23608 (project wesnoth):

s/buffer overflow/integer overflow



[Wesnoth-bugs] [bug #23608] UBSAN: findings while playing tutorial

2015-05-24 Thread anonymous
Follow-up Comment #1, bug #23608 (project wesnoth):

The first one is related to Lua's hash function for tables and I wouldn't be
that surprised if a hash function uses a buffer overflow.

For the second one it's hard to say what causes it because the line number just
points to the line 'class composite_aspect : public typesafe_aspectT {' and
does not tell us which function was called or by who it was called.



[Wesnoth-bugs] [bug #23608] UBSAN: findings while playing tutorial

2015-05-23 Thread Matthias Krüger
URL:
  http://gna.org/bugs/?23608

         Summary: UBSAN: findings while playing tutorial
         Project: Battle for Wesnoth
    Submitted by: matthiaskrgr
    Submitted on: Sun 24 May 2015 12:48:25 AM UTC
        Category: Bug
        Severity: 2 - Minor
        Priority: 5 - Normal
      Item Group: Artificial Intelligence
          Status: None
         Privacy: Public
     Assigned to: None
Originator Email: 
     Open/Closed: Open
 Discussion Lock: Any
         Release: git
Operating System: linux

___

Details:

Compiled the game with -fsanitize=address,undefined and -g3 under gcc 5 and
played a bit through the tutorial.

The first one appears fairly at game start:

/home/matthias/vcs/github/wesnoth/src/lua/ltable.cpp:81:3: runtime error:
signed integer overflow: 996952458 + 1420850562 cannot be represented in type
'int'


This one appears a few times as soon as the AI does its turn.
/home/matthias/vcs/github/wesnoth/src/ai/composite/aspect.hpp:258:7: runtime
error: member call on address 0x7ffedb9531f0 which does not point to an object
of type 'readonly_context'
0x7ffedb9531f0: note: object has invalid vptr
 34 7f 00 00  00 b8 89 05 00 00 00 00  80 a2 45 00 a0 61 00 00  98 0a 6f 05 00
00 00 00  98 69 6f 05
  ^~~
  invalid vptr

And some more appear when I ended the scenario.

Full log attached.




___

File Attachments:


---
Date: Sun 24 May 2015 12:48:25 AM UTC  Name: ubsan1.txt  Size: 16kB   By:
matthiaskrgr

http://gna.org/bugs/download.php?file_id=24533
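
The first finding above, as an added example that is not part of the original report and is not Wesnoth or Lua code: it takes the two operands UBSan printed and shows how a hash-combining step can get modulo-2^32 wraparound from unsigned arithmetic, which C defines, where the same addition in 'int' is undefined. All function names are hypothetical, and folding the result to a non-negative int is one assumed way to use it as a table index.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: reports whether a + b would overflow 'int'.
   Only compares against the limits, so it never overflows itself. */
static int add_would_overflow(int a, int b) {
    return (b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b);
}

/* Hypothetical hash-combining step. Converting to uint32_t first makes
   the addition wrap modulo 2^32, which is defined behaviour, so a
   -fsanitize=undefined build does not report it. */
static uint32_t combine_wrapping(int32_t a, int32_t b) {
    return (uint32_t)a + (uint32_t)b;
}

/* Fold the wrapped sum into the range 0..INT_MAX. Either u or its
   bitwise complement always fits, so the final cast is well defined. */
static int fold_nonnegative(uint32_t u) {
    return (int)(u <= (uint32_t)INT_MAX ? u : ~u);
}

int main(void) {
    /* Operands copied from the UBSan message in the report. */
    const int32_t a = 996952458, b = 1420850562;

    printf("a + b overflows int: %s\n",
           add_would_overflow(a, b) ? "yes" : "no");

    uint32_t u = combine_wrapping(a, b);
    printf("wrapped sum (unsigned): %lu\n", (unsigned long)u);
    printf("folded to non-negative int: %d\n", fold_nonnegative(u));
    return 0;
}
```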
