Open
Version
v0.3.0
Description
There is a heap allocation-size failure due to the unsafe "alloc" function used by the 'calc::ast::AnnotatedExpr::evaluate' function.
Current Behavior
ASAN detects a heap allocation-size failure because the allocation made by the 'calc::ast::AnnotatedExpr::evaluate' function exceeds the maximum supported size:
==4156209==ERROR: AddressSanitizer: requested allocation size 0x7e5196e2ae391 (0x7e5196e2af398 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
#0 0x556558b64b67 in malloc /home/nyw0102/s2fuzz/scripts/rust/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
#1 0x5565592ed294 in alloc::alloc::alloc::h3eab0436979804b6 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/alloc.rs:171:73
#2 0x5565592ed294 in alloc::alloc::Global::alloc_impl::h5ceee6389567af31 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/alloc.rs:171:73
#3 0x55655930c456 in _$LT$alloc..alloc..Global$u20$as$u20$core..alloc..Allocator$GT$::allocate::h686122c2c4be4253 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/alloc.rs:231:9
#4 0x5565593012c0 in alloc::raw_vec::RawVec$LT$T$C$A$GT$::allocate_in::hc788051c6351a1e3 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/raw_vec.rs:185:45
#5 0x556558e25c35 in alloc::raw_vec::RawVec$LT$T$C$A$GT$::with_capacity_in::h5d2067f923c02f57 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/string.rs:500:23
#6 0x556558e25c35 in alloc::vec::Vec$LT$T$C$A$GT$::with_capacity_in::hd207cd56f1034068 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/vec/mod.rs:641:20
#7 0x556558e25c35 in alloc::vec::Vec$LT$T$GT$::with_capacity::hf7f87af6cc695e8b /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/vec/mod.rs:483:9
#8 0x556558e25c35 in alloc::string::String::with_capacity::heed6fd8422e362a8 /home/nyw0102/s2fuzz/scripts/rust/library/alloc/src/string.rs:500:23
#9 0x556558c346d5 in num_runtime_fmt::num_fmt::NumFmt::fmt_with::h24c45d01ea235657 /home/nyw0102/.cargo/registry/src/github.com-1ecc6299db9ec823/num-runtime-fmt-0.1.2/src/num_fmt.rs:277:28
#10 0x556558c0c55f in num_runtime_fmt::num_fmt::NumFmt::fmt::hf4c126f13c83f685 /home/nyw0102/.cargo/registry/src/github.com-1ecc6299db9ec823/num-runtime-fmt-0.1.2/src/num_fmt.rs:91:9
#11 0x556558c9df41 in calc::ast::AnnotatedExpr::evaluate::h370aa0598caad3a8 /home/nyw0102/Test-Sets/calc/src/ast.rs:261:9
#12 0x556558c9c261 in calc::Context$LT$N$GT$::evaluate_annotated::h60fbf2023a3bf8d4 /home/nyw0102/Test-Sets/calc/src/lib.rs:96:25
#13 0x556558f6654c in calc::impl_main::eval_and_print::h60d7c0f5ff03cd43 /home/nyw0102/Test-Sets/calc/src/main.rs:74:15
#14 0x556558f7defc in calc::impl_main::shell::h7141880d1242e850 /home/nyw0102/Test-Sets/calc/src/main.rs:143:31
#15 0x556558f7c356 in calc::impl_main::shell_as::h729feadc42ace740 /home/nyw0102/Test-Sets/calc/src/main.rs:127:26
#16 0x556558f62d45 in calc::main::h4d839ec66d6f3224 /home/nyw0102/Test-Sets/calc/src/main.rs:9:5
#17 0x556558c865b6 in std::rt::lang_start::_$u7b$$u7b$closure$u7d$$u7d$::hcac40fb75068d3bb /home/nyw0102/s2fuzz/scripts/rust/library/std/src/rt.rs:145:18
#18 0x55655b95dd94 in std::rt::lang_start_internal::h4a61547abbd425a7 (/home/nyw0102/Test-Sets/calc/target/x86_64-unknown-linux-gnu/debug/calc+0x3032d94) (BuildId: d48bdfd8ac5726d1f900da40325c3e8c6cec5366)
#19 0x556558f8c26f in main (/home/nyw0102/Test-Sets/calc/target/x86_64-unknown-linux-gnu/debug/calc+0x66126f) (BuildId: d48bdfd8ac5726d1f900da40325c3e8c6cec5366)
==4156209==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: allocation-size-too-big /home/nyw0102/s2fuzz/scripts/rust/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3 in malloc
==4156209==ABORTING
Expected Behavior
Memory-safe code with no allocation-size failure. This might be handled by denying the allocation when the size of the object exceeds the maximum allocation size.
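An added example, not part of the original report and not code from calc or num-runtime-fmt: one way to deny an oversized request before it reaches `String::with_capacity`, the call in frame #8 of the trace. The helper names, the `PadError` type and the `MAX_WIDTH` limit are assumptions made for illustration.

```rust
use std::collections::TryReserveError;

/// Assumed policy limit for a caller-supplied field width (constructed value).
const MAX_WIDTH: usize = 4096;

#[derive(Debug)]
enum PadError {
    /// Width rejected before any allocation is attempted.
    WidthTooLarge { requested: usize, limit: usize },
    /// The allocator (or the capacity check) refused the request.
    Alloc(TryReserveError),
}

/// Hypothetical helper: right-align `digits` in `width` columns using `fill`.
fn pad_left(digits: &str, width: usize, fill: char) -> Result<String, PadError> {
    if width > MAX_WIDTH {
        return Err(PadError::WidthTooLarge { requested: width, limit: MAX_WIDTH });
    }
    let pad = width.saturating_sub(digits.chars().count());
    // Byte count with checked arithmetic: a multi-byte fill multiplies the size.
    let bytes = pad
        .checked_mul(fill.len_utf8())
        .and_then(|n| n.checked_add(digits.len()))
        .ok_or(PadError::WidthTooLarge { requested: width, limit: MAX_WIDTH })?;
    let mut out = String::new();
    // Fallible reservation returns Err where with_capacity would panic or abort.
    out.try_reserve_exact(bytes).map_err(PadError::Alloc)?;
    out.extend(std::iter::repeat(fill).take(pad));
    out.push_str(digits);
    Ok(out)
}

/// The fallible reservation alone, without the policy cap.
fn reserve_only(bytes: usize) -> Result<String, TryReserveError> {
    let mut s = String::new();
    s.try_reserve_exact(bytes)?;
    Ok(s)
}

fn main() {
    // Constructed inputs; the oversized width reuses the size from the ASAN report.
    println!("{:?}", pad_left("42", 8, '0'));
    println!("{:?}", pad_left("42", 0x7e5196e2ae391, '0'));
    println!("{:?}", reserve_only(usize::MAX).map(|s| s.len()));
}
```

The width cap runs first, so the allocator never sees the oversized request and ASAN has nothing to abort on; `try_reserve_exact` covers the sizes the cap lets through.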