classification
Title: heap-buffer-overflow in obmalloc.c:987
Type: compile error
Stage: resolved
Components: Build
Versions: Python 3.3
process
Status: closed
Resolution: duplicate
Dependencies:
Superseder: enable usage of AddressSanitizer in CPython [PATCH] (View: 18596)
Assigned To:
Nosy List: Jeffrey.Walton, neologix
Priority: normal
Keywords:

Created on 2014-03-17 03:28 by Jeffrey.Walton, last changed 2014-03-23 13:19 by neologix. This issue is now closed.

Messages (2)
msg213788 - (view) Author: Jeffrey Walton (Jeffrey.Walton) * Date: 2014-03-17 03:28
This came from Python 3.3.5 downloaded from the Python download page ().

The issue occurred while compiling with Clang 3.4 using the address sanitizer (-fsanitize=address).

/usr/local/bin/clang -fsanitize=address   -Xlinker -export-dynamic -o python Modules/python.o libpython3.3m.a -ldl  -lutil /usr/local/ssl/lib/libssl.a /usr/local/ssl/lib/libcrypto.a -ldl   -lm  
./python -E -S -m sysconfig --generate-posix-vars
=================================================================
==24064==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000004020 at pc 0x4ed4b2 bp 0x7fff80fff010 sp 0x7fff80fff008
READ of size 4 at 0x619000004020 thread T0
    #0 0x4ed4b1 in PyObject_Free Python-3.3.5/./Objects/obmalloc.c:987
    #1 0x7a2141 in code_dealloc Python-3.3.5/./Objects/codeobject.c:359
    #2 0x620c00 in PyImport_ImportFrozenModuleObject Python-3.3.5/./Python/import.c:1098
    #3 0x620d5c in PyImport_ImportFrozenModule Python-3.3.5/./Python/import.c:1114
    #4 0x63fd07 in import_init Python-3.3.5/./Python/pythonrun.c:206
    #5 0x63f636 in _Py_InitializeEx_Private Python-3.3.5/./Python/pythonrun.c:369
    #6 0x681d77 in Py_Main Python-3.3.5/./Modules/main.c:648
    #7 0x4e6894 in main Python-3.3.5/././Modules/python.c:62
    #8 0x2abf9a525eac in __libc_start_main /home/aurel32/eglibc/eglibc-2.13/csu/libc-start.c:244
    #9 0x4e664c in _start (Python-3.3.5/./python+0x4e664c)

AddressSanitizer can not describe address in more detail (wild memory access suspected).
SUMMARY: AddressSanitizer: heap-buffer-overflow Python-3.3.5/./Objects/obmalloc.c:987 PyObject_Free
Shadow bytes around the buggy address:
  0x0c327fff87b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c327fff8800: fa fa fa fa[fa]fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8810: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8820: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8830: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8840: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8850: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:     fa
  Heap right redzone:    fb
  Freed heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==24064==ABORTING
make: *** [pybuilddir.txt] Error 1
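
Added example (not part of the original report or of CPython): a Python triage helper that pulls the fault out of the ASan report above and cross-checks that the bracketed shadow byte really is the one covering the faulting address. It assumes the default x86-64 Linux ASan shadow mapping `(addr >> 3) + 0x7fff8000`; `triage` and `shadow_address` are hypothetical names, and the embedded report is trimmed to the lines the check needs.

```python
import re

# Assumption: default x86-64 Linux ASan mapping, shadow = (addr >> 3) + 0x7fff8000.
SHADOW_OFFSET = 0x7FFF8000
# Subset of the shadow byte legend printed in the report.
LEGEND = {"00": "addressable", "fa": "heap left redzone",
          "fb": "heap right redzone", "fd": "freed heap region"}

# Lines copied from the report above, trimmed to what the check needs.
REPORT = """\
==24064==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000004020 at pc 0x4ed4b2 bp 0x7fff80fff010 sp 0x7fff80fff008
READ of size 4 at 0x619000004020 thread T0
    #0 0x4ed4b1 in PyObject_Free Python-3.3.5/./Objects/obmalloc.c:987
  0x0c327fff87f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c327fff8800: fa fa fa fa[fa]fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8810: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
"""

def shadow_address(app_addr):
    """Address of the shadow byte covering the 8-byte granule holding app_addr."""
    return (app_addr >> 3) + SHADOW_OFFSET

def triage(report):
    """Extract the fault from an ASan report and verify the marked shadow byte."""
    head = re.search(r"AddressSanitizer: (\S+) on address (0x[0-9a-f]+)", report)
    access = re.search(r"^(READ|WRITE) of size (\d+)", report, re.M)
    frame = re.search(r"#0 0x[0-9a-f]+ in (\S+) (\S+)", report)
    row = re.search(r"^=>(0x[0-9a-f]+): (.*)$", report, re.M)
    if not (head and access and frame and row):
        raise ValueError("not a complete ASan report")
    # Normalise "fa[fa]fa" so the bracketed byte becomes its own token.
    cells = row.group(2).replace("[", " [").replace("]", "] ").split()
    idx = next(i for i, c in enumerate(cells) if c.startswith("["))
    value = cells[idx].strip("[]")
    return {
        "kind": head.group(1),
        "access": f"{access.group(1)} {access.group(2)}",
        "top_frame": f"{frame.group(1)} at {frame.group(2)}",
        "marked_shadow": hex(int(row.group(1), 16) + idx),
        "computed_shadow": hex(shadow_address(int(head.group(2), 16))),
        "shadow_meaning": LEGEND.get(value, "other (see legend)"),
        # The marked row covers 16 * 8 = 128 application bytes.
        "row_all_redzone": all(c.strip("[]") == "fa" for c in cells),
    }

if __name__ == "__main__":
    for key, val in triage(REPORT).items():
        print(f"{key}: {val}")
```

When the marked row is redzone from end to end, the read did not land just past a live allocation, which is consistent with the "wild memory access suspected" line in the report.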
msg214576 - (view) Author: Charles-François Natali (neologix) * (Python committer) Date: 2014-03-23 13:19
It's a duplicate of issue #18596, which has already been fixed.

Jeffrey, when you report an issue, please check with the latest version.

Thanks!
History
Date User Action Args
2014-03-23 13:19:07 | neologix | set | status: open -> closed
    superseder: enable usage of AddressSanitizer in CPython [PATCH]
    nosy: + neologix
    messages: + msg214576
    type: compile error
    resolution: duplicate
    stage: resolved
2014-03-17 03:28:17 | Jeffrey.Walton | create |