AddressSanitizer: stack-buffer-overflow in gdk/x11/gdkwindow-x11.c
ASan reports a read overflow of the local variable pid at line 939, triggered from _XData32(), which reads a 64-bit value from the address of pid, while pid itself is only 32 bits wide.
=================================================================
==4164==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffed25b2490 at pc 0x7f61ecc6d3e8 bp 0x7ffed25b2240 sp 0x7ffed25b2230
READ of size 8 at 0x7ffed25b2490 thread T0
#0 0x7f61ecc6d3e7 in _XData32 /home/bellet/Development/xorg/lib/libX11/src/XlibInt.c:1623
#1 0x7f61ecbefe49 in XChangeProperty /home/bellet/Development/xorg/lib/libX11/src/ChProp.c:83
#2 0x7f61ed72b035 in setup_toplevel_window /home/bellet/Development/gtk+-3/gdk/x11/gdkwindow-x11.c:939
#3 0x7f61ed72c6f1 in _gdk_x11_display_create_window_impl /home/bellet/Development/gtk+-3/gdk/x11/gdkwindow-x11.c:1148
#4 0x7f61ed67f2e1 in _gdk_display_create_window_impl /home/bellet/Development/gtk+-3/gdk/gdkdisplay.c:2227
#5 0x7f61ed6ab701 in gdk_window_new /home/bellet/Development/gtk+-3/gdk/gdkwindow.c:1491
#6 0x7f61ed6de479 in _gdk_x11_display_open /home/bellet/Development/gtk+-3/gdk/x11/gdkdisplay-x11.c:1621
#7 0x7f61ed68111b in gdk_display_manager_open_display /home/bellet/Development/gtk+-3/gdk/gdkdisplaymanager.c:472
#8 0x7f61ed67ed40 in gdk_display_open /home/bellet/Development/gtk+-3/gdk/gdkdisplay.c:1966
#9 0x7f61ed6722a8 in gdk_display_open_default /home/bellet/Development/gtk+-3/gdk/gdk.c:466
#10 0x7f61ee865075 in gtk_init_check /home/bellet/Development/gtk+-3/gtk/gtkmain.c:1104
#11 0x7f61ef1983c6 in gtk_clutter_init /home/bellet/Development/clutter-gtk/clutter-gtk/gtk-clutter-util.c:226
#12 0x4427c4 in main /home/bellet/Development/empathy/src/empathy.c:824
#13 0x7f61ec9ae412 in __libc_start_main (/lib64/libc.so.6+0x24412)
#14 0x418bad in _start (/opt/empathy/bin/empathy+0x418bad)
Address 0x7ffed25b2490 is located in stack of thread T0 at offset 32 in frame
#0 0x7f61ed72a55a in setup_toplevel_window /home/bellet/Development/gtk+-3/gdk/x11/gdkwindow-x11.c:897
This frame has 7 object(s):
[32, 36) 'pid' <== Memory access at offset 32 partially overflows this variable
[96, 104) 'leader_window'
[160, 168) 'value'
[224, 240) 'counters'
[288, 320) 'protocols'
[352, 432) 'size_hints'
[480, 592) 'attrs'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow /home/bellet/Development/xorg/lib/libX11/src/XlibInt.c:1623 in _XData32