openxc / bitfield-c
Bit array parsing and encoding utility library in C
License: BSD 3-Clause "New" or "Revised" License
how to make this lib and install on Linux?
In order to use the tool #include <bitfield/bitfield.h> in code
For example, I have a bit array: b0000 0011 1000 0000
When I use get_bitfield with an offset of 7 and a bit count of 3, what I need is b111, but I got 0.
When running make test with -fsanitize=address in CFLAGS and LDFLAGS, AddressSanitizer quickly finds a bug in copy_bits.
The issue seems to be the increment of source on line 72:
bitfield-c/src/bitfield/bitarray.c
Lines 72 to 73 in e5692e7
If source was already pointing at &source_origin[source_length - 1], then the read after the increment of source reads the next byte on the stack, out of bounds of the source array.
=== ASAN output below: ===
Running suite(s): bitfield
=================================================================
==166==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffd9e915501 at pc 0x55df99f5bde0 bp 0x7ffd9e915420 sp 0x7ffd9e915418
READ of size 1 at 0x7ffd9e915501 thread T0
#0 0x55df99f5bddf in copy_bits src/bitfield/bitarray.c:73
#1 0x55df99f5cb8d in set_nibble src/bitfield/bitfield.c:103
#2 0x55df99f58b24 in test_set_nibble tests/bitfield_tests.c:18
#3 0x7f0fcda1cdcf (/lib64/libcheck.so.0+0x5dcf)
#4 0x7f0fcda1d40d in srunner_run_tagged (/lib64/libcheck.so.0+0x640d)
#5 0x55df99f5b68e in main tests/bitfield_tests.c:141
#6 0x7f0fcd24f6a2 in __libc_start_main (/lib64/libc.so.6+0x236a2)
#7 0x55df99f5866d in _start (/workspace/lib/bitfield-c/build/tests/bitfield_tests.bin+0x666d)
Address 0x7ffd9e915501 is located in stack of thread T0 at offset 33 in frame
#0 0x55df99f5cac8 in set_nibble src/bitfield/bitfield.c:102
This frame has 1 object(s):
[32, 33) 'value' (line 101) <== Memory access at offset 33 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow src/bitfield/bitarray.c:73 in copy_bits
==166==ABORTING
ERROR in test build/tests/bitfield_tests.bin:
$ gcc --version
gcc (GCC) 10.1.0
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Add test case in "test_set_bitfield":
.....
START_TEST (test_set_bitfield)
{
    uint8_t data[4] = {0};
    fail_unless(set_bitfield(0x12, 0, 8, data, sizeof(data)));
    fail_unless(set_bitfield(bitmask(3), 10, 3, data, sizeof(data)));
    ck_assert_int_eq(data[0], 0x12);
    ck_assert_int_eq(data[1], 0x38);
    // Add test case
    fail_unless(set_bitfield(0x1, 23, 1, data, sizeof(data)));
    ck_assert_int_eq(data[2], 0x1); // Should be 0x1
    fail_unless(set_bitfield(0x1, 21, 2, data, sizeof(data)));
    ck_assert_int_eq(data[2], 0x3); // Should be 0x3
}
END_TEST
.....
As above, when calling "set_bitfield(0x1, 21, 2, data, sizeof(data));", data[2] will be set to "0" by the macro "PREPARE_FIRST_COPY", and then the result will be 0x2. The test failed as follows:
90%: Checks: 10, Failures: 1, Errors: 0
tests/bitfield_tests.c:39:F:core:test_set_bitfield:0: Assertion 'data[2]==0x3' failed: data[2]==2, 0x3==3
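An added example, not part of any post above and not bitfield-c's own code: a minimal MSB-first bit reader and writer that illustrates the two properties the reports above turn on, namely that no byte outside the buffer is ever touched and that a write leaves neighbouring bits intact. The names bits_get, bits_set and field_in_bounds are hypothetical, and the sample buffers are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers, not bitfield-c's API. Bits are numbered MSB-first
 * from 0, the numbering the test case on this page uses. */
/* Reject any field that does not lie entirely inside the buffer. */
static bool field_in_bounds(size_t offset, size_t count, size_t len) {
    return count >= 1 && count <= 64 && len <= SIZE_MAX / 8 &&
           offset <= len * 8 && count <= len * 8 - offset;
}

/* Read `count` bits starting at bit `offset`; only bytes < len are read. */
bool bits_get(const uint8_t *buf, size_t len, size_t offset, size_t count,
              uint64_t *out) {
    if (!field_in_bounds(offset, count, len)) return false;
    uint64_t v = 0;
    for (size_t i = offset; i < offset + count; i++)
        v = (v << 1) | ((buf[i / 8] >> (7 - i % 8)) & 1u);
    *out = v;
    return true;
}

/* Write the low `count` bits of `value`; neighbouring bits are preserved. */
bool bits_set(uint8_t *buf, size_t len, size_t offset, size_t count,
              uint64_t value) {
    if (!field_in_bounds(offset, count, len)) return false;
    for (size_t k = 0; k < count; k++) {
        size_t i = offset + k;
        uint8_t mask = (uint8_t)(1u << (7 - i % 8));
        if ((value >> (count - 1 - k)) & 1u) buf[i / 8] |= mask;
        else buf[i / 8] &= (uint8_t)~mask;
    }
    return true;
}

int main(void) {
    uint8_t data[4] = {0};  /* constructed buffer, same steps as the test */
    bits_set(data, sizeof data, 0, 8, 0x12);
    bits_set(data, sizeof data, 10, 3, 0x7);
    bits_set(data, sizeof data, 23, 1, 0x1);
    bits_set(data, sizeof data, 21, 2, 0x1);
    printf("%02x %02x %02x\n", data[0], data[1], data[2]);
    return 0;
}
```

Building this with -fsanitize=address and running it against one-byte buffers exercises the last-byte case from the AddressSanitizer report. With this numbering, the three set bits of the constructed buffer 0x03 0x80 sit at offsets 6 to 8.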
In order to "make coverage" I had to amend the Makefile as such:
LDLIBS = -lcheck -lpthread -lsubunit -lrt -lm