Asan fails to report global buffer overflow if global buffer is not initialized

Shi_Steven · October 19, 2016, 10:25am

Hi Kcc,

I find both clang and gcc fail to report global buffer overflow if global buffer is not initialized. Below is my test code and build commands. Please advise.

#include <stdio.h>

int global_array[11];

int main(int argc, char **argv) {

int Num;

Num = 11;

global_array[Num] = 0x87654321; // global buffer overflow

printf(“global_array[%d]=0x%x\n”, Num, global_array[Num]);

return global_array[Num];

}

$clang global.c -fsanitize=address -g -O0

$ ./a.out

global_array[11]=0x87654321

$gcc-5 global.c -fsanitize=address -g -O0

$ ./a.out

global_array[11]=0x87654321

But both clang and gcc can report global buffer overflow if global buffer first item is initialized as below.

#include <stdio.h>

int global_array[11]={0};

int main(int argc, char **argv) {

int Num;

Num = 11;

global_array[Num] = 0x87654321; // global buffer overflow

printf(“global_array[%d]=0x%x\n”, Num, global_array[Num]);

return global_array[Num];

}

$clang global.c -fsanitize=address -g -O0

$ ./a.out

Kostya_Serebryany · October 19, 2016, 7:06pm

Please check the second entry in the FAQ: https://github.com/google/sanitizers/wiki/AddressSanitizer#faq
Tl;Dr:
for C you need to add -fno-common
for C++ everything will work out of the box