Hello,
normally buffer overflows are detected by address sanitizer. Then I recognized, that this is not the case, if the array is located inside a structure. Thus I created a small example (test.c):
struct xxx {
int a;
int buffer\[10\];
int b;
};
int main(void) {
struct xxx var;
int buffer\[10\];
int count;
for \(count = 0; count <=10; count\+\+\) \{
var\.buffer\[count\] = count;
buffer\[count\] = count;
\}
return 0;
}
The command I used is: clang -g -fsanitize=address -fsanitize-address-field-padding=2 test.c
The clang version I used is: clang version 5.0.0
When I run the executable, I get a stack-buffer-overflow. But the buffer-overflow of the array inside the structure, which happens before the stack-buffer overflow, is not detected by address sanitizer.
My question is now: Is this a known limitation of the address sanitizer or is the intra-object-overflow not working correct?
Thanks,
Stefan