Dear GNU make developers,
We tested GNU make with an automatic tool (based on the fuzzer AFL). A number of test cases triggering UBSan integer overflow errors were generated. We manually checked those test cases and filtered out benign cases.
Finally, we identified 3 cases that could trigger bugs and report them here. Below is the information for reproducing the bugs.
- make version: 4.3
- operating system: Ubuntu 16.04.7
- compiler: clang version 6.0.0-1ubuntu2~16.04.1 (tags/RELEASE_600/final)
- compilation commands:
    mkdir obj
    cd obj
    CC=clang CFLAGS="-g -O1 -Xclang -disable-llvm-passes -D__NO_STRING_INLINES \
        -D_FORTIFY_SOURCE=0 -U__OPTIMIZE__ -fsanitize=signed-integer-overflow \
        -fsanitize=unsigned-integer-overflow -fsanitize=shift -fsanitize=bounds \
        -fsanitize=pointer-overflow -fsanitize=null" \
        ../configure --disable-nls --disable-largefile --disable-job-server --disable-load
    make
- inputs: the input files are attached
bug 1 command: make -n -f make1.input
relevant error message: ../src/read.c:2354:64: runtime error: unsigned integer overflow: 27 - 18446744073709551615 cannot be represented in type 'unsigned long'
bug 2 command: make -n -f make2.input
relevant error message: ../src/read.c:2397:64: runtime error: unsigned integer overflow: 1 - 18446744073709551607 cannot be represented in type 'unsigned long'
bug 3 command: make -n -f make3.input
relevant error message: ../src/read.c:2523:56: runtime error: unsigned integer overflow: 1 - 18446744073709551609 cannot be represented in type 'unsigned long'
Best,
Jingxuan
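The operand pairs quoted in the three UBSan messages can be decoded mechanically. The following is an added example, not part of this report and not GNU make code: it reinterprets each right-hand operand as the two's-complement value with the same bit pattern. 18446744073709551615, 18446744073709551607 and 18446744073709551609 are 2^64-1, 2^64-9 and 2^64-7, i.e. the bit patterns of -1, -9 and -7, so each flagged subtraction wraps to the value (28, 10, 8) that signed arithmetic would give for 27 - (-1), 1 - (-9) and 1 - (-7). Whether that wrapped value is what the surrounding code intended cannot be told from the message alone; the read.c source at the cited lines, which is not quoted in the report, decides it. The labels in main() reuse the read.c line numbers from the messages; the struct and function names are this example's own.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* One decoded UBSan "unsigned integer overflow: A - B" report. */
struct ub_sub_report {
    uint64_t lhs;          /* A, as printed by UBSan */
    uint64_t rhs;          /* B, as printed by UBSan */
    uint64_t wrapped;      /* what the program actually computed: (A - B) mod 2^64 */
    int64_t  rhs_signed;   /* B reinterpreted as a two's-complement signed value */
    int      rhs_negative; /* 1 if B has its top bit set, i.e. looks like a converted negative */
};

/* Reinterpret a 64-bit unsigned value as the signed value with the same bit
 * pattern. Done with ~ and subtraction so the result is well defined without
 * relying on an out-of-range cast, which is implementation-defined in C. */
static int64_t as_signed64(uint64_t u)
{
    if (u <= (uint64_t)INT64_MAX)
        return (int64_t)u;
    /* u = 2^64 - k for some 1 <= k <= 2^63; the signed value is -k = -(~u) - 1 */
    return -(int64_t)(~u) - 1;
}

/* Decode the two operands of an unsigned subtraction that UBSan flagged. */
struct ub_sub_report decode_unsigned_sub(uint64_t lhs, uint64_t rhs)
{
    struct ub_sub_report r;
    r.lhs = lhs;
    r.rhs = rhs;
    r.wrapped = lhs - rhs;          /* uint64_t arithmetic wraps modulo 2^64 by definition */
    r.rhs_signed = as_signed64(rhs);
    r.rhs_negative = (int)((rhs >> 63) & 1);
    return r;
}

static void print_report(const char *label, struct ub_sub_report r)
{
    printf("%s: %" PRIu64 " - %" PRIu64 " wraps to %" PRIu64,
           label, r.lhs, r.rhs, r.wrapped);
    if (r.rhs_negative)
        printf("  (rhs is the bit pattern of %" PRId64 ", so in signed terms this is "
               "%" PRIu64 " - (%" PRId64 ") = %" PRId64 ")",
               r.rhs_signed, r.lhs, r.rhs_signed, as_signed64(r.wrapped));
    printf("\n");
}

int main(void)
{
    /* The three operand pairs are copied from the UBSan messages in the report above. */
    print_report("read.c:2354", decode_unsigned_sub(27, 18446744073709551615ULL));
    print_report("read.c:2397", decode_unsigned_sub(1, 18446744073709551607ULL));
    print_report("read.c:2523", decode_unsigned_sub(1, 18446744073709551609ULL));
    return 0;
}
```

Compile without -fsanitize=unsigned-integer-overflow when running this decoder itself, since the wrap in decode_unsigned_sub is deliberate. A right-hand operand with the top bit set is the usual fingerprint of a negative signed value (a length or pointer difference that went below zero) being converted to unsigned long before the subtraction; the conversion, not the subtraction, is where to start reading the source.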