[tor-bugs] #24733 [Core Tor/Tor]: Loading ifc.ifc_buf using the new tor_free() causes undefined behaviour on x86_64 macOS
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 2 20:18:09 UTC 2018
#24733: Loading ifc.ifc_buf using the new tor_free() causes undefined behaviour on x86_64 macOS
-----------------------------------------------------+-------------------------------
Reporter: teor                                       | Owner: teor
Type: defect                                         | Status: merge_ready
Priority: Medium                                     | Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor                              | Version:
Severity: Normal                                     | Resolution:
Keywords: address-sanitizer, unexpected-consequences | Actual Points: 0.1
Parent ID:                                           | Points: 0.1
Reviewer:                                            | Sponsor: Sponsor8-can
-----------------------------------------------------+-------------------------------
Comment (by teor):
The newly introduced load to a local pointer variable from an address
that's (N*8 + 4).
I don't think the type of the pointer matters.
Strangely, the comparison of that address to NULL, and the store of NULL
to that address doesn't trigger the same warning in AddressSanitizer (or
they are optimised out by the compiler!)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24733#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
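
The comment above concerns a pointer load from an address of the form N*8 + 4. The following is an added example, not Tor's code and not part of the ticket: it assumes a 64-bit target and uses a constructed 4-byte-packed struct (the hypothetical `packed_conf`, with hypothetical helpers `ptr_load_is_aligned`, `load_buf`, `store_buf` and `free_buf`) to show how such a member can be checked for alignment and then read, freed and cleared through `memcpy` rather than through a misaligned `char **`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in: 4-byte packing puts the pointer member at offset 4,
 * so in an 8-byte-aligned object it sits at an address of the form N*8 + 4. */
#pragma pack(push, 4)
struct packed_conf {   /* hypothetical layout, not taken from any header */
  int32_t len;
  char *buf;
};
#pragma pack(pop)

/* Would a direct `char *` load from addr be suitably aligned? */
int ptr_load_is_aligned(const void *addr)
{
  return ((uintptr_t)addr % _Alignof(char *)) == 0;
}

/* Read the member bytewise instead of dereferencing a misaligned char **. */
char *load_buf(const struct packed_conf *c)
{
  char *p;
  memcpy(&p, (const unsigned char *)c + offsetof(struct packed_conf, buf),
         sizeof p);
  return p;
}

void store_buf(struct packed_conf *c, char *p)
{
  memcpy((unsigned char *)c + offsetof(struct packed_conf, buf), &p, sizeof p);
}

/* Free-and-clear without forming a char ** to the member. */
void free_buf(struct packed_conf *c)
{
  free(load_buf(c));
  store_buf(c, NULL);
}

int main(void)
{
  _Alignas(8) struct packed_conf c = { 0, NULL };
  store_buf(&c, malloc(16));
  free_buf(&c);
  return load_buf(&c) != NULL;  /* exit status 0: member was cleared */
}
```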