From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/7230
Path: news.gmane.org!not-for-mail
From: Rich Felker <dalias@libc.org>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: buffer overflow in regcomp and a way to find more of those
Date: Fri, 20 Mar 2015 21:00:43 -0400
Message-ID: <20150321010043.GR23507@brightrain.aerifal.cx>
References: <CAGQ9bdxBDFu+7cnBFxk_toa_C0qwVCgLG=Jc7zMs8cVB8y+UFA@mail.gmail.com>
 <20150320235227.GE16260@port70.net>
 <CAGQ9bdyZJmC_94EzSxxnogq8Z213LbgEOPE6==7KHNfTuCUSUQ@mail.gmail.com>
 <20150321002616.GF16260@port70.net>
 <20150321004637.GQ23507@brightrain.aerifal.cx>
 <CAGQ9bdxQO-xCLBeL_J7R9ywqN_FMAyHaccQLyWNCNfoBDXfBcA@mail.gmail.com>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1426899671 17076 80.91.229.3 (21 Mar 2015 01:01:11 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Sat, 21 Mar 2015 01:01:11 +0000 (UTC)
Cc: musl@lists.openwall.com
To: Konstantin Serebryany <konstantin.s.serebryany@gmail.com>
Original-X-From: musl-return-7243-gllmg-musl=m.gmane.org@lists.openwall.com Sat Mar 21 02:01:04 2015
Return-path: <musl-return-7243-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-7243-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1YZ7mc-0007YC-NW
	for gllmg-musl@m.gmane.org; Sat, 21 Mar 2015 02:00:58 +0100
Original-Received: (qmail 10035 invoked by uid 550); 21 Mar 2015 01:00:56 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 10017 invoked from network); 21 Mar 2015 01:00:56 -0000
Content-Disposition: inline
In-Reply-To: <CAGQ9bdxQO-xCLBeL_J7R9ywqN_FMAyHaccQLyWNCNfoBDXfBcA@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Original-Sender: Rich Felker <dalias@aerifal.cx>
Xref: news.gmane.org gmane.linux.lib.musl.general:7230
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/7230>

On Fri, Mar 20, 2015 at 05:54:49PM -0700, Konstantin Serebryany wrote:
> >> > > the question is how hard it is to do (1) ?
> >> > >
> >> > > i assume asan is non-trivial to set up for that (or is it
> >> > > enough to replace malloc calls? and some startup logic?)
> >> >
> >> > asan replaces malloc and a few more libc functions.
> >> > It works with various different libcs, so there is a good chance that
> >> > it will work here with no or minimal changes.
> >>
> >> ok i'll try it
> >
> > I would guess it works with no change for static linking, but some
> > changes might be needed for dynamic linking. I'm perfectly happy with
> > all the fuzzing being done with static linking anyway; I don't think
> > dynamic linking would have significant additional code paths whose
> > coverage need checking.
> 
> sadly, asan does not support fully static linking.

Is this just an oversight or something fundamental that's hard to fix?
The sort of things it wants to do are much less likely to work with
dynamic linking. Dynamic-linked musl requires all internal symbol
references to be resolved at ld-time and does not support interposing
in front of them.

Rich