Playing around with address sanitizer

Poul-Henning Kamp phk at phk.freebsd.dk
Mon Feb 1 20:24:13 CET 2016


--------
In message <CAEh05VYdXPNr8v3=0uyeMK16u-hMxWGvgvcEh00A1FiURor3BA at mail.gmail.com>
, Dag Haavi Finstad writes:

>This exposed a few buffer overflow situations, mainly in varnishtest.
>Patches w/ fixes attached.

Cool!

>This was done with ASan's leak checker disabled, since varnishtest has
>intentional memory leaks [...]

I wouldn't really call them "intentional", it's more like they're
tolerated because we know they will not cause trouble.

Ideally I like all memory to be accounted for, if for nothing else
to prove to yourself that you know what the program actually does :-)

>In addition, there is a use-after-free situation in current master
>related to ESI (not present in 4.1.1). I'm about to file a bug for
>that one.

Ok, that's bad.

I've put the patches in my queue.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.



More information about the varnish-dev mailing list