QTBUG-84793

QCborValue::fromCbor tries to allocate 15 TB of memory


Details

    Type: Bug
    Resolution: Invalid
    Priority: P1: Critical
    Affects Version/s: 5.15.1
    Component/s: Core: Other
    Environment: Ubuntu 18.04 LTS 64 bit, clang 7, Qt 5.15 branch

    Description

      1. Have a build of Qt with configure flags "-sanitize address"
      2. Build the attached project on this build of Qt.
      3. Set any ulimit for the size of virtual memory, e.g.:
        ulimit -Sv 200000000

        Yes, that's two hundred gigabytes.

      4. Run the resulting program and pass the input file:
        ./cbor input.cbor

        You'll get output like the following:

        ==9238==ERROR: AddressSanitizer failed to allocate 0xdfff0001000
        (15392894357504) bytes at address 2008fff7000 (errno: 12)
        ==9238==ReserveShadowMemoryRange failed while trying to map
        0xdfff0001000 bytes. Perhaps you're using ulimit -v
        Aborted (core dumped)
        

      Even if this only seems to happen when built with ASAN and with a ulimit
      set, trying to allocate 15 TB seems pretty wrong to me.

      Google's oss-fuzz found this as issue 21067.
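The two ASAN lines quoted in the report carry the information needed to tell a sanitizer start-up failure from a finding about the program under test: the second line names ReserveShadowMemoryRange, the runtime's own shadow-memory mapping, and errno 12 is ENOMEM. The triage helper below is an added example, not code from the report or from Qt; it parses the report's output verbatim and, for contrast, a constructed message in the format ASAN uses when the instrumented program itself requests an oversized allocation (the constructed PID and stack frames are placeholders).

```python
import re
from dataclasses import dataclass
from typing import Optional

# The AddressSanitizer output quoted in the report above, rejoined into the
# two lines the runtime actually prints (the report wraps the first one).
REPORT_OUTPUT = """\
==9238==ERROR: AddressSanitizer failed to allocate 0xdfff0001000 (15392894357504) bytes at address 2008fff7000 (errno: 12)
==9238==ReserveShadowMemoryRange failed while trying to map 0xdfff0001000 bytes. Perhaps you're using ulimit -v
Aborted (core dumped)
"""

# Constructed contrast case, not taken from the report: the message ASAN
# prints when the instrumented program itself asks malloc for more than the
# sanitizer's maximum allocation size. PID and frames are placeholders.
CONSTRUCTED_TARGET_OUTPUT = """\
==4242==ERROR: AddressSanitizer: requested allocation size 0xdfff0001000 (0xdfff0002000 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x4c0e5d in malloc
    #1 0x51ab20 in main
"""

# Start-up failure of the sanitizer runtime: it could not mmap a region for
# itself. Paired with the ReserveShadowMemoryRange line it is the shadow map.
_RUNTIME_MMAP = re.compile(
    r"^==(?P<pid>\d+)==ERROR: AddressSanitizer failed to allocate "
    r"0x(?P<hex>[0-9a-f]+) \(\d+\) bytes at address [0-9a-f]+ \(errno: (?P<errno>\d+)\)"
)
_SHADOW_RESERVE = re.compile(r"^==\d+==ReserveShadowMemoryRange failed")

# Report about the target: an allocation request that ASAN's allocator refused.
_TARGET_ALLOC = re.compile(
    r"^==(?P<pid>\d+)==ERROR: AddressSanitizer: requested allocation size "
    r"0x(?P<hex>[0-9a-f]+)"
)


@dataclass
class Triage:
    kind: str  # "sanitizer-init", "target-allocation" or "unknown"
    pid: Optional[int] = None
    requested_bytes: Optional[int] = None
    errno: Optional[int] = None
    note: str = ""


def bytes_to_tb(n: int) -> float:
    """Decimal terabytes, the unit the report's title uses."""
    return n / 10**12


def bytes_to_tib(n: int) -> float:
    """Binary tebibytes (2**40), the unit the hex value suggests."""
    return n / 2**40


def triage_asan_output(text: str) -> Triage:
    """Decide whether an ASAN abort is the sanitizer failing to start or a
    finding about the program under test."""
    lines = text.splitlines()
    shadow_failed = any(_SHADOW_RESERVE.match(ln) for ln in lines)
    for ln in lines:
        m = _RUNTIME_MMAP.match(ln)
        if m and shadow_failed:
            return Triage(
                kind="sanitizer-init",
                pid=int(m["pid"]),
                requested_bytes=int(m["hex"], 16),
                errno=int(m["errno"]),
                note=("ASAN runtime could not reserve its shadow memory; the program "
                      "never reached its own code. Check ulimit -v / overcommit, not "
                      "the parser."),
            )
        m = _TARGET_ALLOC.match(ln)
        if m:
            return Triage(
                kind="target-allocation",
                pid=int(m["pid"]),
                requested_bytes=int(m["hex"], 16),
                note="The instrumented program requested this allocation; worth a look.",
            )
    return Triage(kind="unknown", note="No recognised ASAN allocation failure.")


if __name__ == "__main__":
    for label, out in (("report", REPORT_OUTPUT), ("constructed", CONSTRUCTED_TARGET_OUTPUT)):
        t = triage_asan_output(out)
        print(f"{label}: {t.kind}, {t.requested_bytes} bytes "
              f"(~{bytes_to_tb(t.requested_bytes):.1f} TB) -> {t.note}")
```

Run on the report's output the helper classifies the abort as a sanitizer start-up failure and reports the 0xdfff0001000 bytes as roughly 15.4 TB (14 TiB); only the constructed case is attributed to the program under test. When a fuzzer report arrives with a virtual-memory limit in play, this is the first check to make before reading the target's code.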

      Attachments

        1. input.cbor (16 kB)
        2. main.cpp (0.2 kB)
        3. report.pro (0.1 kB)

        People

            Thiago Macieira (thiago)
            Robert Löhning (rlohning)

        Gerrit Reviews

            There are no open Gerrit changes