Dan Beaulieu

Reputation: 19954

How do I create a buffer overflow to test Address Sanitizer?

Problem

I'm attempting to create a buffer overflow in order to learn more about Address Sanitizer. I've written the following code which I thought would create a buffer overflow, though I must be mistaken as it's not throwing the expected "Heap buffer overflow detected".

Attempt

    var ints : [UInt8] = [ 1, 2, 3, 4 ]

    let a = UnsafeMutableBufferPointer(start: &ints, count: ints.count)

    a[28] = 17 // array out of index 

I've enabled Address Sanitizer in Xcode by clicking my application > Edit Scheme... and then "Enable Address Sanitizer". Then I rebuilt my application before running.

Question

How do I create a buffer overflow in Swift 2?

Upvotes: 2

Views: 1278

Answers (1)

Martin R

Reputation: 539975

From https://developer.apple.com/videos/play/wwdc2015-413/?time=947:

"Address Sanitizer is an LLVM tool for C-based languages."

and https://developer.apple.com/videos/play/wwdc2015-413/?time=1422:

"In order to use Address Sanitizer, Xcode passes a special flag to clang."

It seems that the Address Sanitizer is only available with clang for C, Objective-C etc., but not with the Swift compiler swiftc.

A simple C program which triggers a buffer overflow is

    #include <stdio.h>
    #include <stdlib.h>

    int main(int argc, const char * argv[]) {

        int *p = malloc(4 * sizeof(int)); // room for 4 ints (indices 0 to 3)
        p[28] = 17; // deliberate out-of-bounds heap write

        return 0;
    }

Upvotes: 4
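A variant of the answer's C program that first checks whether the build was actually instrumented, as an added example that is not part of the original answer. It relies on clang's `__has_feature(address_sanitizer)` and GCC's `__SANITIZE_ADDRESS__`; the helper names `asan_enabled` and `checked_store` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>

/* clang exposes ASan through __has_feature; GCC defines __SANITIZE_ADDRESS__. */
#ifndef __has_feature
#define __has_feature(x) 0
#endif

/* Hypothetical helper: 1 if this file was compiled with -fsanitize=address. */
int asan_enabled(void) {
#if __has_feature(address_sanitizer) || defined(__SANITIZE_ADDRESS__)
    return 1;
#else
    return 0;
#endif
}

/* Hypothetical helper: bounds-checked store, the form real code should use. */
int checked_store(int *buf, size_t count, size_t idx, int value) {
    if (buf == NULL || idx >= count) {
        return -1;              /* rejected: index outside the allocation */
    }
    buf[idx] = value;
    return 0;
}

int main(void) {
    size_t count = 4;
    int *p = malloc(count * sizeof(int));
    if (p == NULL) {
        return 1;
    }

    /* The checked form refuses index 28 on a 4-element buffer. */
    printf("checked_store(p, 4, 28, 17) -> %d\n", checked_store(p, count, 28, 17));

    if (asan_enabled()) {
        /* Same write as the answer's program; ASan is expected to report it. */
        volatile int *q = p;
        q[28] = 17;
    } else {
        printf("Not built with -fsanitize=address; skipping the unchecked write.\n");
    }

    free(p);
    return 0;
}
```

If the program prints the "Not built with" line, the sanitizer setting did not reach the compiler for this file, which is the first thing to rule out when no report appears.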
