[Issue 8639] New: dmd buffer overflow related to function literal, real.max, template alias parameter
September 11, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639

           Summary: dmd buffer overflow related to function literal,
                    real.max, template alias parameter
           Product: D
           Version: D2
          Platform: x86_64
        OS/Version: Linux
            Status: NEW
          Keywords: ice
          Severity: regression
          Priority: P2
         Component: DMD
        AssignedTo: nobody@puremagic.com
        ReportedBy: nilsbossung@googlemail.com


--- Comment #0 from Nils <nilsbossung@googlemail.com> 2012-09-11 00:27:07 PDT ---
Compiles with 2.058.

---
cat > test.d << code
void t(alias a)() {}
void main() {
  t!({auto r = real.max;})();
}
code
dmd test.d
---
*** buffer overflow detected ***: dmd terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0xf755add5]
/lib/i386-linux-gnu/libc.so.6(+0xfebaa)[0xf7559baa]
/lib/i386-linux-gnu/libc.so.6(+0xfe208)[0xf7559208]
/lib/i386-linux-gnu/libc.so.6(__overflow+0x4b)[0xf74cbfbb]
/lib/i386-linux-gnu/libc.so.6(+0x49e28)[0xf74a4e28]
/lib/i386-linux-gnu/libc.so.6(_IO_vfprintf+0x140f)[0xf749cbff]
/lib/i386-linux-gnu/libc.so.6(__vsprintf_chk+0xc9)[0xf75592d9]
/lib/i386-linux-gnu/libc.so.6(__sprintf_chk+0x2f)[0xf75591ef]
dmd[0x80e0377]
dmd[0x80e0471]
dmd[0x80a1fe3]
dmd[0x8147cff]
dmd[0x814401d]
dmd[0x80e360c]
dmd[0x815616e]
dmd[0x816037b]
dmd[0x80a98c8]
dmd[0x81627dd]
dmd[0x80ae828]
dmd[0x80b24f6]
dmd[0x80aad59]
dmd[0x8141901]
dmd[0x8140ccc]
dmd[0x80f666a]
dmd[0x80f54d8]
dmd[0x810e504]
dmd[0x810f61b]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xf74744d3]
Aborted (core dumped)
---

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
September 11, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639


Damian Ziemba <nazriel6969@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nazriel6969@gmail.com


--- Comment #1 from Damian Ziemba <nazriel6969@gmail.com> 2012-09-11 04:38:43 PDT ---
Indeed, this looks like a DMD 2.060 bug -> http://dpaste.dzfl.pl/1df71ccc

But seems to be already fixed in trunk -> http://dpaste.dzfl.pl/316495d5

September 12, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639



--- Comment #2 from Nils <nilsbossung@googlemail.com> 2012-09-12 00:45:19 PDT ---
(In reply to comment #1)
> But seems to be already fixed in trunk -> http://dpaste.dzfl.pl/316495d5

Doesn't work for me with the current git head
(842eeeea58c997171716d6ef54c2dcdd0be87df9).

September 12, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639



--- Comment #3 from Damian Ziemba <nazriel6969@gmail.com> 2012-09-12 00:58:52 PDT ---
This is strange then.

http://dpaste.dzfl.pl/abe6e5ca - newest head (842eeeea58c997171716d6ef54c2dcdd0be87df9) and it works fine with both m64 and m32.

The build farm that Dpaste uses is Linux x86_64, so it seems to match your setup.

It works with GDC, LDC, DMD 1.075, and seems to *only* fail with DMD 2.060 release.

November 08, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639


Don <clugdbug@yahoo.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |pull


--- Comment #4 from Don <clugdbug@yahoo.com.au> 2012-11-08 14:44:27 PST ---
https://github.com/D-Programming-Language/dmd/pull/1270

November 08, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639



--- Comment #5 from github-bugzilla@puremagic.com 2012-11-08 15:49:13 PST ---
Commit pushed to master at https://github.com/D-Programming-Language/dmd

https://github.com/D-Programming-Language/dmd/commit/ba044ed561bb16715f1dd34e79e308ac2d31efb8
Fix issue 8639 dmd buffer overflow related to function literal, real.max,
template alias parameter

The buffer for float conversion wasn't quite big enough!!

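The commit message above attributes the crash to a float-conversion buffer that was too small, and the backtrace in comment #0 shows glibc's fortified `sprintf` aborting. As an added example (not code from dmd or from this thread), the C sketch below measures the space a `long double` needs with `snprintf` and reports truncation instead of writing past the buffer; the `%La` format, the 16-byte buffer and all function names are assumptions chosen for illustration.

```c
#include <float.h>
#include <stdio.h>
#include <stdlib.h>

#define FIXED_CAP 16 /* constructed size: fine for 1.0, not for real.max */

/* Bytes (including the NUL) needed to print v as a hex float; the
 * zero-length snprintf call only measures and writes nothing. */
size_t real_fmt_size(long double v)
{
    int n = snprintf(NULL, 0, "%La", v);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Bounded conversion: 0 on success, -1 if dst is too small. Unlike
 * sprintf, snprintf never writes past dst[cap - 1]. */
int real_to_buf(char *dst, size_t cap, long double v)
{
    int n = snprintf(dst, cap, "%La", v);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* What a fixed-size stack buffer can hold: the failure is reported
 * to the caller instead of corrupting the stack. */
int fits_fixed(long double v)
{
    char buf[FIXED_CAP];
    return real_to_buf(buf, sizeof buf, v);
}

/* Size the buffer from the value itself, then check that the text
 * parses back to exactly the same value. Returns 1 on success. */
int round_trips(long double v)
{
    size_t need = real_fmt_size(v);
    char *s = need ? malloc(need) : NULL;
    int ok = s && real_to_buf(s, need, v) == 0 && strtold(s, NULL) == v;
    free(s);
    return ok;
}

int main(void)
{
    printf("1.0 needs %zu bytes, LDBL_MAX needs %zu\n",
           real_fmt_size(1.0L), real_fmt_size(LDBL_MAX));
    printf("fits in %d bytes: 1.0 -> %d, LDBL_MAX -> %d\n", FIXED_CAP,
           fits_fixed(1.0L), fits_fixed(LDBL_MAX));
    printf("LDBL_MAX round-trips: %d\n", round_trips(LDBL_MAX));
    return 0;
}
```

The exact byte counts depend on the platform's `long double` format, which is why the size is measured at run time rather than hard-coded.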
November 08, 2012
http://d.puremagic.com/issues/show_bug.cgi?id=8639


Brad Roberts <braddr@puremagic.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |braddr@puremagic.com
         Resolution|                            |FIXED

