Fix compiler crash. #1992
Closed
Fix compiler crash. #1992
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The compiler hits some asserts when compiling this rule:
```
rule r{condition:for 5f in(""):(f
```
It looks like the value of the expression here is undefined, so when trying to
use the buffer_id and offset fields of the sized_string_ref we end up using the
upper and lower halves of YR_UNDEFINED as if they are real values.
I'm not sure I like checking for YR_UNDEFINED using the integer field of the
union, so I'm open to better ideas here.
Found by: Google clusterfuzz
plusvic
reviewed
Nov 15, 2023
| @@ -1318,6 +1318,10 @@ regexp | |||
| boolean_expression | |||
| : expression | |||
| { | |||
| // If the value of an expression is ever undefined we have a problem. | |||
There was a problem hiding this comment.
I would say that an expression can be undefined, in fact, most expressions will be undefined because their value can't be known at compile time. I'm not understanding the reasoning behind this fix.
There was a problem hiding this comment.
It fixes a compiler crash, which I have used in the test case. I don't think the fix is technically correct but I did want to bring it up as a fuzzer found it and it got auto assigned to me. ;)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The compiler hits some asserts when compiling this rule:
It looks like the value of the expression here is undefined, so when trying to use the buffer_id and offset fields of the sized_string_ref we end up using the upper and lower halves of YR_UNDEFINED as if they are real values.
I'm not sure I like checking for YR_UNDEFINED using the integer field of the union, so I'm open to better ideas here.
Found by: Google clusterfuzz