Stack Overflow (operator_int_cmp) #130
There is a stack-based buffer overflow in the operator_int_cmp function. Using the testcase below, it is possible to trigger a stack overflow. It has something to do with the "self" value being called. Attached are the Valgrind, ASAN, and GDB output.

Comments

I think I have fixed it with d493524.

I removed the Valgrind output because it was interpreted as a reference to other issues.

I am still playing with the code and the bug on this, but I think we have a different bug now. I was able to bypass the check for converting objects to Ints by doing a typecast. The code below will cause the heap to almost go into an infinite loop before crashing (heap overflow). It allocates 6,532,018,156 bytes on the heap before crashing. Test 1:
Test 2:
Valgrind: ==2477== Memcheck, a memory error detector

Well, it is not really a typecast; what you are really doing is allocating an Int class, passing self as an argument. It is an interesting case, something I have not covered yet. I should be able to fix it pretty quickly.

Fixed by c67888e.

The bug still exists using the same testcase. Attached is the ASAN output. It causes an infinite loop.

Hi @tylerp96, please pull the latest version and try again.

Fixed. Got the error "RUNTIME ERROR: Infinite loop detected. Current execution must be aborted." Good fix.
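The mechanism this thread describes, an Int comparison that coerces a non-Int operand by calling the class's own Int conversion, which for Int(self) hands the same object straight back, modelled as an added C example. This is not the project's code and it is not how the fix is implemented: the value type, the to_int hook, int_cmp_unguarded, int_cmp_guarded, the MAX_CONVERSIONS budget and the object-identity check are all assumptions made for illustration. The unguarded version recurses until the native stack is exhausted, which is the crash the report shows; the guarded version bounds the number of conversion attempts and aborts as soon as a conversion makes no progress, surfacing the condition as a runtime error the way the fixed interpreter does.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy value model for a dynamic-language VM. Constructed for this example;
 * the type and function names are assumptions, not the project's own API. */
typedef struct value value;
typedef value (*to_int_fn)(value v);   /* hook a class uses to convert itself to Int */

struct value {
    enum { VAL_INT, VAL_OBJ } kind;
    long      i;        /* payload when kind == VAL_INT */
    to_int_fn to_int;   /* conversion hook when kind == VAL_OBJ */
};

static value make_int(long i)        { value v = { VAL_INT, i, NULL }; return v; }
static value make_obj(to_int_fn f)   { value v = { VAL_OBJ, 0, f };    return v; }

/* A well-behaved object: converting it to Int yields an actual integer. */
static value good_to_int(value v) { (void)v; return make_int(7); }

/* The self-referential case from the thread: the object's "conversion" is
 * Int(self), which hands the same object back, so it never becomes an Int. */
static value self_to_int(value v) { return v; }

#define CMP_OK                0
#define CMP_ERR_INFINITE_LOOP 1

/* Unguarded comparison: if the right operand is not an Int, convert it and try
 * again. With self_to_int every retry sees the same object, so the recursion
 * only ends when the native stack is exhausted (the stack overflow reported in
 * the issue). Never call this with such an object. */
static int int_cmp_unguarded(value a, value b, long *out) {
    if (b.kind != VAL_INT)
        return int_cmp_unguarded(a, b.to_int(b), out);
    *out = (a.i > b.i) - (a.i < b.i);
    return CMP_OK;
}

/* Guarded comparison: convert at most MAX_CONVERSIONS times, and stop as soon
 * as a conversion makes no progress (it returned an object with the same hook,
 * i.e. Int(self) handed self back). Either condition is reported to the caller
 * instead of being retried. */
#define MAX_CONVERSIONS 8
static int int_cmp_guarded(value a, value b, long *out) {
    for (int n = 0; n < MAX_CONVERSIONS && b.kind != VAL_INT; n++) {
        value next = b.to_int(b);
        if (next.kind == VAL_OBJ && next.to_int == b.to_int)
            return CMP_ERR_INFINITE_LOOP;   /* conversion is looping on itself */
        b = next;
    }
    if (b.kind != VAL_INT)
        return CMP_ERR_INFINITE_LOOP;       /* conversion budget exhausted */
    *out = (a.i > b.i) - (a.i < b.i);
    return CMP_OK;
}

int main(void) {
    long r;
    if (int_cmp_guarded(make_int(3), make_obj(good_to_int), &r) == CMP_OK)
        printf("3 <=> Int(obj)=7 -> %ld\n", r);
    if (int_cmp_guarded(make_int(3), make_obj(self_to_int), &r) != CMP_OK)
        printf("RUNTIME ERROR: Infinite loop detected. Current execution must be aborted.\n");
    return 0;
}
```

The identity check catches the exact Int(self) shape; the attempt budget is the backstop for the general case, a chain of objects that keep converting into other objects, which would otherwise recurse just as deep. Both are returned as an error code so the interpreter can abort the current execution rather than the whole process.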