
calling g2_info() on an incomplete message causes memory error instead of returning error code #156

Open
edwardhartnett opened this issue Oct 26, 2021 · 0 comments
Labels
bug Something isn't working

Comments

@edwardhartnett
Contributor

When I call g2_info() on a message before calling g2_gribend(), I get a memory error instead of a return code:

=================================================================
==3477==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdd96a95f6 at pc 0x561d7eaf5ad5 bp 0x7ffdd96a8e20 sp 0x7ffdd96a8e10
READ of size 1 at 0x7ffdd96a95f6 thread T0
    #0 0x561d7eaf5ad4 in gbits /home/runner/work/NCEPLIBS-g2c/NCEPLIBS-g2c/g2c/src/gbits.c:75
    #1 0x561d7eaf5ad4 in gbit /home/runner/work/NCEPLIBS-g2c/NCEPLIBS-g2c/g2c/src/gbits.c:22
    #2 0x561d7eaf5485 in g2_info /home/runner/work/NCEPLIBS-g2c/NCEPLIBS-g2c/g2c/src/g2_info.c:162
    #3 0x561d7eaefe66 in main /home/runner/work/NCEPLIBS-g2c/NCEPLIBS-g2c/g2c/tests/tst_g2_addfield.c:96
    #4 0x7f1fedfd30b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #5 0x561d7eaf0dad in _start (/home/runner/work/NCEPLIBS-g2c/NCEPLIBS-g2c/g2c/build/tests/tst_g2_addfield+0xddad)

Address 0x7ffdd96a95f6 is located in stack of thread T0 at offset 1334 in frame
    #0 0x561d7eaeee4f in main /home/runner/work/NCEPLIBS-g2c/NCEPLIBS-g2c/g2c/tests/tst_g2_addfield.c:20

  This frame has 15 object(s):
    [48, 56) 'numfields' (line 55)
    [80, 88) 'numlocal' (line 55)
    [112, 116) 'coordlist' (line 46)
    [128, 144) 'listsec0' (line 25)
    [160, 176) 'fld' (line 50)
    [192, 216) 'listsec0_in' (line 54)
    [256, 288) 'bmap' (line 53)
    [320, 360) 'igds' (line 27)
    [400, 440) 'idrstmpl' (line 49)
    [480, 584) 'listsec1' (line 26)
    [624, 728) 'listsec1_in' (line 54)
    [768, 888) 'ipdstmpl' (line 45)
    [928, 1080) 'igdstmpl' (line 28)
    [1152, 1334) 'cgrib' (line 24) <== Memory access at offset 1334 overflows this variable
    [1408, 1590) 'expected_cgrib' (line 29)

The code is written as if it expected to be able to return an error for this:

        if (ipos > (istart + lengrib))
        {
            printf("g2_info: '7777'  not found at end of GRIB message.\n");
            ierr = 5;
            return(ierr);
        }
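The quoted fragment can only refuse the message after the section walk has already read the length fields, and `lengrib` itself comes from the message, so the check needs a second input: the size of the buffer the caller actually owns. The block below is an added example, not code from NCEPLIBS-g2c or from the issue author. It shows that pattern in C: a bit reader and a message check that both take the buffer length, so a message that is still being assembled (section 0 present, no `7777` yet) produces an error code rather than an over-read. The helper names, the error codes and the two constructed 20-byte sample messages are assumptions made for this example; the section 0 layout (16 bytes: `GRIB`, two reserved bytes, discipline, edition, 8-byte total length) and the `7777` end marker are from the GRIB2 format itself.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Error codes are hypothetical for this example; they are not g2c's. */
enum { GRIB_OK = 0, GRIB_ERR_NO_START = 1, GRIB_ERR_EDITION = 2,
       GRIB_ERR_TRUNCATED = 3, GRIB_ERR_NO_END = 5 };

/* Read nbits (1..64) big-endian starting at bit offset iskip from a buffer of
   buflen bytes. Returns GRIB_OK and stores the value, or GRIB_ERR_TRUNCATED
   when the read would cross the end of the buffer. The bounds check against
   the caller-supplied buflen is the point of the example. */
static int gbits_checked(const unsigned char *in, size_t buflen,
                         size_t iskip, unsigned nbits, uint64_t *out)
{
    if (nbits == 0 || nbits > 64) return GRIB_ERR_TRUNCATED; /* misuse */
    size_t last_bit = iskip + nbits;               /* one past the last bit needed */
    if (last_bit > buflen * 8) return GRIB_ERR_TRUNCATED;
    uint64_t v = 0;
    for (size_t b = iskip; b < last_bit; b++)
        v = (v << 1) | ((in[b / 8] >> (7 - (b % 8))) & 1);
    *out = v;
    return GRIB_OK;
}

/* Validate the GRIB2 envelope of cgrib (buflen bytes owned by the caller):
   locate "GRIB", check the edition, read the declared total length, require
   that it fits in the buffer, then check for the "7777" end marker. */
static int grib_check_message(const unsigned char *cgrib, size_t buflen,
                              uint64_t *lengrib_out)
{
    size_t istart;
    for (istart = 0; istart + 4 <= buflen; istart++)
        if (memcmp(cgrib + istart, "GRIB", 4) == 0) break;
    if (istart + 4 > buflen) return GRIB_ERR_NO_START;

    uint64_t edition, lengrib;
    int rc;
    if ((rc = gbits_checked(cgrib, buflen, (istart + 7) * 8, 8, &edition)) != GRIB_OK)
        return rc;
    if (edition != 2) return GRIB_ERR_EDITION;
    if ((rc = gbits_checked(cgrib, buflen, (istart + 8) * 8, 64, &lengrib)) != GRIB_OK)
        return rc;

    /* The declared length is untrusted input: it must fit in the buffer we were
       handed, and must at least cover section 0 plus the end marker. Without
       this check the memcmp below would read past the end of cgrib. */
    if (lengrib < 20 || lengrib > buflen - istart) return GRIB_ERR_TRUNCATED;

    if (memcmp(cgrib + istart + lengrib - 4, "7777", 4) != 0) return GRIB_ERR_NO_END;
    if (lengrib_out) *lengrib_out = lengrib;
    return GRIB_OK;
}

/* Wrapper returning the field value, or -1 on a bounds error. */
static long long read_bits_or_neg1(const unsigned char *in, size_t buflen,
                                   size_t iskip, unsigned nbits)
{
    uint64_t v;
    if (gbits_checked(in, buflen, iskip, nbits, &v) != GRIB_OK) return -1;
    return (long long)v;
}

/* Constructed sample: a complete minimal message, section 0 plus "7777",
   with total length 20 in the 8-byte big-endian length field. */
static const unsigned char sample_complete[20] = {
    'G', 'R', 'I', 'B', 0, 0, 0 /* discipline */, 2 /* edition */,
    0, 0, 0, 0, 0, 0, 0, 20,     /* total length = 20 */
    '7', '7', '7', '7' };

/* Constructed sample: same header, but the end marker is missing. */
static const unsigned char sample_no_end[20] = {
    'G', 'R', 'I', 'B', 0, 0, 0, 2,
    0, 0, 0, 0, 0, 0, 0, 20,
    'X', 'X', 'X', 'X' };

int main(void)
{
    uint64_t len = 0;
    int rc = grib_check_message(sample_complete, sizeof sample_complete, &len);
    printf("complete message: rc=%d, declared length=%llu\n", rc, (unsigned long long)len);
    /* Same bytes, but only the 16-byte section 0 is handed over, as for a
       message still being assembled: an error code, not an out-of-bounds read. */
    rc = grib_check_message(sample_complete, 16, &len);
    printf("truncated buffer: rc=%d\n", rc);
    rc = grib_check_message(sample_no_end, sizeof sample_no_end, &len);
    printf("missing 7777: rc=%d\n", rc);
    printf("edition byte: %lld\n",
           read_bits_or_neg1(sample_complete, sizeof sample_complete, 56, 8));
    return 0;
}
```

The design choice is that `buflen` is the caller's, never derived from the message: the declared total length is data and is validated against it before any read at a message-derived offset.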
