Re: Clang and Address Sanitizer

2017-05-02 Thread Aayushi Agrawal
Ok thanks! On 02-May-2017 7:30 pm, "'Alexander Potapenko' via address-sanitizer" < address-sanitizer@googlegroups.com> wrote: > It's just that ASan detects errors on a best effort basis, and it's > harder to detect a buffer overflow past the buffer's redzone. > On the other hand, such errors are

Re: Clang and Address Sanitizer

2017-05-02 Thread 'Alexander Potapenko' via address-sanitizer
It's just that ASan detects errors on a best effort basis, and it's harder to detect a buffer overflow past the buffer's redzone. On the other hand, such errors are quite rare. On Tue, May 2, 2017 at 3:34 PM, Aayushi Agrawal wrote: > So is this a kind of issue which is not handled by address sani

Re: Clang and Address Sanitizer

2017-05-02 Thread Aayushi Agrawal
So is this a kind of issue which is not handled by address sanitizer ? On 02-May-2017 5:45 pm, "'Alexander Potapenko' via address-sanitizer" < address-sanitizer@googlegroups.com> wrote: > Most certainly the access to global_array[200] ends up touching a > valid location in g[], and the access to

Re: Clang and Address Sanitizer

2017-05-02 Thread 'Alexander Potapenko' via address-sanitizer
Most certainly the access to global_array[200] ends up touching a valid location in g[], and the access to g[200] lands somewhere in a region that has a shadow value of 0. Unfortunately ASan can only detect a buffer overflow if the memory access touches unaddressable memory (i.e. that with non-zero

Clang and Address Sanitizer

2017-05-02 Thread Aayushi Agrawal
Hello Here is code snippet - int global_array[101] = {-1}; char g[101] = {-2}; int main(int argc, char **argv) { global_array[atoi(argv[1])] = 70; g[atoi(argv[1])] = 'c'; } If I compile it with clang , address sanitizer and no other flags used then for input as "101" it gives ASAN buf