This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Google Summer of Code projects for the GNU C Library.


On Fri, Feb 21, 2014 at 01:45:31AM +0000, Joseph S. Myers wrote:
> On Thu, 20 Feb 2014, Konstantin Serebryany wrote:
> 
> > Idea for glibc GSoC project: instrument the glibc source with
> > AddressSanitizer (asan).
> > https://code.google.com/p/address-sanitizer/
> > goal #1: test glibc itself for bugs like stack or global buffer overflow.
> 
> I suspect most interesting such bugs are for cases involving extreme (but 
> valid) input that's currently not covered by the testsuite.  In my 
> experience it's quite easy to find problems with memory allocation just by 
> looking for them; it might be interesting to have a project to review 
> allocations in glibc more thoroughly, especially where the size depends on 
> user input.
> 
I already done review, most of these could be solved by not duplicating
same allocation pattern in 100 of places. Using malloca and saturated
arithmetic will dramaticaly cut number of possible errors.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]