Giter Club home page Giter Club logo

phoenix's Issues

Heap buffer overflow in `string_match` benchmark when `malloc` is used.

Heap buffer overflow in string_match benchmark when malloc is used.

How to reproduce:

Compile the benchmarks with a patch that enables the NO_MMAP flag and AddressSanitizer (ASan):

$ git clone https://github.com/kozyraki/phoenix.git

$ cd phoenix/phoenix-2.0/

$ echo 'diff --git a/phoenix-2.0/tests/string_match/Makefile b/phoenix-2.0/tests/string_match/Makefile
index be7d94b..310b965 100644
--- a/phoenix-2.0/tests/string_match/Makefile
+++ b/phoenix-2.0/tests/string_match/Makefile
@@ -46,16 +46,16 @@ default: all
 all: $(PROGS)
 
 string_match: $(STR_MATCH_OBJS) $(LIB_DEP)
-    $(CC) $(CFLAGS) -o $@ $(STR_MATCH_OBJS) $(LIBS)
+    $(CC) $(CFLAGS) -o $@ $(STR_MATCH_OBJS) $(LIBS) -fsanitize=address
 
 string_match-seq: $(STR_MATCH_SEQ_OBJS)
-    $(CC) $(CFLAGS) -o $@ $(STR_MATCH_SEQ_OBJS) $(LIBS)
+    $(CC) $(CFLAGS) -o $@ $(STR_MATCH_SEQ_OBJS) $(LIBS) -fsanitize=address
 
 string_match-pthread: $(STR_MATCH_PTHREAD_OBJS)
-    $(CC) $(CFLAGS) -o $@ $(STR_MATCH_PTHREAD_OBJS) $(LIBS)
+    $(CC) $(CFLAGS) -o $@ $(STR_MATCH_PTHREAD_OBJS) $(LIBS) -fsanitize=address
 
 %.o: %.c
-    $(CC) $(CFLAGS) -c $< -o $@ -I$(HOME)/$(INC_DIR)
+    $(CC) $(CFLAGS) -c $< -o $@ -I$(HOME)/$(INC_DIR) -DNO_MMAP=1 -fsanitize=address
 
 clean:
     rm -f $(PROGS) $(STR_MATCH_OBJS) $(STR_MATCH_SEQ_OBJS) $(STR_MATCH_PTHREAD_OBJS)' > sm_overflow.patch

$ git apply sm_overflow.patch

$ make

Retrieve the inputs for the string_match benchmark:

$ cd tests/string_match

$ wget http://csl.stanford.edu/~christos/data/string_match.tar.gz

$ tar -xvf string_match.tar.gz

Run the string_matchbenchmark and observe the output of ASan:

$ ./string_match string_match_datafiles/key_file_50MB.txt

How to fix:

To fix the issue, you need to add 1 byte in the malloc call (to match the one used by the default mmap).
Then, the execution with ASan no longer reports the heap buffer overflow.
A sample patch is attached to this issue.
sm_overflow_fix_patch.txt

Tested on:

OS: Ubuntu 22.04.4 LTS
Kernel: 6.2.0-39-generic
gcc: 11.4.0

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.