Bug#949192: marked as done (gcc-10: uses regexec without support for REG_STARTEND with -fsanitize=address)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sat, 27 Mar 2021 12:48:31 +0000
with message-id <E1lQ8Mh-000BLw-VE@fasolo.debian.org>
and subject line Bug#949192: fixed in gcc-11 11-20210327-1
has caused the Debian Bug report #949192,
regarding gcc-10: uses regexec without support for REG_STARTEND with -fsanitize=address
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
949192: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949192
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: gcc-10: uses regexec without support for REG_STARTEND with -fsanitize=address
• From: "brian m. carlson" <sandals@crustytoothpaste.net>
• Date: Fri, 17 Jan 2020 23:37:12 +0000
• Message-id: <20200117233712.GA3846216@camp.crustytoothpaste.net>

Package: libasan6
Version: 10-20200107-1
Severity: normal

When gcc-10 compiles with -fsanitize=address, it substitutes any calls
to regexec with a version that does not support REG_STARTEND.  This
makes code that is compiled fail unexpectedly or even produce spurious
sanitization errors, since with that option the buffer need not be
NUL-terminated.

While REG_STARTEND is not in POSIX, it is found on the BSDs and Linux
and users may reasonably rely on the fact that it is present on those
systems.

This issue has caused a bug in the Git testsuite as seen at
https://lore.kernel.org/git/20200117174931.GA8958@coredump.intra.peff.net/T/#t.

I've attached a testcase.  Without -fsanitize=address, it succeeds
silently.  With -fsanitize=address, it fails and prints an error.

Please either fix the regexec implementation such that it is fully
functional compared to the version in glibc or disable the sanitization
of regexec until it has feature parity.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libasan6 depends on:
ii  gcc-10-base  10-20200107-1
ii  libc6        2.29-9
ii  libgcc-s1    10-20200107-1

libasan6 recommends no packages.

libasan6 suggests no packages.

-- no debconf information

-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204

#include <stdio.h>
#include <sys/types.h>
#include <regex.h>

int main(void)
{
    regex_t r;
    const char s[] = "ban\0ana";
    regmatch_t pmatch[10];
    pmatch[0].rm_so = 0;
    pmatch[0].rm_eo = sizeof(s);
    if (regcomp(&r, "ana", 0))
        return 2;
    if (regexec(&r, s, sizeof(pmatch)/sizeof(pmatch[0]), pmatch, REG_STARTEND)) {
        fprintf(stderr, "failed to match\n");
        regfree(&r);
        return 3;
    }
    regfree(&r);
    return 0;
}

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

• To: 949192-close@bugs.debian.org
• Subject: Bug#949192: fixed in gcc-11 11-20210327-1
• From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
• Date: Sat, 27 Mar 2021 12:48:31 +0000
• Message-id: <E1lQ8Mh-000BLw-VE@fasolo.debian.org>
• Reply-to: Matthias Klose <doko@debian.org>

Source: gcc-11
Source-Version: 11-20210327-1
Done: Matthias Klose <doko@debian.org>

We believe that the bug you reported is fixed in the latest version of
gcc-11, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 949192@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Klose <doko@debian.org> (supplier of updated gcc-11 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 27 Mar 2021 13:19:03 +0100
Source: gcc-11
Architecture: source
Version: 11-20210327-1
Distribution: experimental
Urgency: medium
Maintainer: Debian GCC Maintainers <debian-gcc@lists.debian.org>
Changed-By: Matthias Klose <doko@debian.org>
Closes: 949192 984870
Changes:
 gcc-11 (11-20210327-1) experimental; urgency=medium
 .
   * GCC snapshot, taken from the trunk (20210327)
     - Fix bootstrap on s390x.
     - Fix PR target/99422. Closes: #984870.
     - Fix PR sanitizer/98920. Closes: #949192.
   * Fix packaging of snapshot builds, really include the jit build in
     the snapshot build.
Checksums-Sha1:
 b20fd82f7f134a10a60c904b0096630f490818e9 27757 gcc-11_11-20210327-1.dsc
 d5476368f6a28125b12192682d3becd20d504e7c 80261254 gcc-11_11-20210327.orig.tar.gz
 961877c23e2ab2a8fd4aa670e5246d5a42f08474 534468 gcc-11_11-20210327-1.debian.tar.xz
 4a05ec4ae8cb0d81e42c508ee377a4c6e772027c 10409 gcc-11_11-20210327-1_source.buildinfo
Checksums-Sha256:
 e96ecce421dab0580308a3d1921d13be9531236f7f7bc9b0756f290cee00148d 27757 gcc-11_11-20210327-1.dsc
 64c0c27232f5bef390f0681947b0ccc359c99dea912365a658252d279abb61fa 80261254 gcc-11_11-20210327.orig.tar.gz
 4abc5f34d8f338e8ff24e343d3bf20dbd97c5378bc884751e814d2669f9a6426 534468 gcc-11_11-20210327-1.debian.tar.xz
 ff50c8a77f30201a7b07e10b3d7b0861fcb8d12d18410b977f24d2e82e91f11d 10409 gcc-11_11-20210327-1_source.buildinfo
Files:
 e507dc04b39261d99f530949c691efbc 27757 devel optional gcc-11_11-20210327-1.dsc
 b92d8368d77a2bf2f844cee90f9b2994 80261254 devel optional gcc-11_11-20210327.orig.tar.gz
 55c832d6c296ae18adbfaa7a3d78cf80 534468 devel optional gcc-11_11-20210327-1.debian.tar.xz
 426c73de1e3dc49fd00e37f7ca4dc52e 10409 devel optional gcc-11_11-20210327-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAmBfIx0QHGRva29AZGVi
aWFuLm9yZwAKCRC9fqpgd4+m9R6bEAC8yp1VU7PJuLENC0IRHzG2lrxWP1Bs+OwI
r0anWKHgPWK9/qUgS5fKjrBCb4vFJ0VX4FQ/ZV+2QgYLlAt3PwRi1Au5bc8q5Xzk
Qwp/SvI0VuqfidTCcp9N+7zSBWNeQ9QPzEy+4myrMBG/efsBfIYQshueVEX7XfGB
+/Ux3IFwbv76RZwczQQ84A1DGS0e8y8xIus4PjAOjtcARxTavpd8ZbMcPwdbyPeo
CRO9ipJujhL9uujST5DbRrGrYP8u0vWtMciPg2V+OYhyMKjCFjnsiDbAXbINoWzj
+zl7sfTMxjfo5lBFxQlUmiZhqLDAHW4moi2Hpt45lAHpYJtBuNUi3JTdLmbJEMSK
gI3IDg0LWPGwGMsH5vj2MrAdRtfzxoKBx0imxrrNhoKDuPqCU8WramxGJ3mhlmN6
2oPqlSocoVz3G4g1OtE1E0/6gvSbq4AFpwna8OrFDxvB553WgkbaKgWclLQGhsjx
GQdN/smBID9ZyzTmgdRQw32ES+QytbzxAxfldF52Vp51p2sy+qG3BlSZmu9sbnBm
0WC2IWQM4c8QbFtLkXblBrn348bmy+ralyYYZMqjh2owGEz3B0lglaNlIpQ+gvWF
1TcCtbq8GUm78LrhTAzV0oaP/DhUGR32AZhmxXpjC0ks6+J3Y9+cO+gBzv6nWsZa
2HbQQerlvQ==
=AUnf
-----END PGP SIGNATURE-----

--- End Message ---