AddressSanitizer: stack-use-after-scope in dns_tsig_verify (dns_message_checksig test)
Summary
ASAN error:
testing 63 bytes from /builds/isc-projects/bind9/fuzz/dns_message_checksig.in/tsig-reply
=================================================================
==1074==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7ffe14b1d780 at pc 0x55eeaf01c3ff bp 0x7ffe14b1c990 sp 0x7ffe14b1c160
READ of size 12 at 0x7ffe14b1d780 thread T0
    #0 0x55eeaf01c3fe in __asan_memmove (/builds/isc-projects/bind9/fuzz/.libs/dns_message_checksig+0xa63fe) (BuildId: 73cf12c5424a9fda378fddea924b696e6cb966ca)
    #1 0x7f93f3d6a227 in memmove /usr/include/x86_64-linux-gnu/bits/string_fortified.h:40:10
    #2 0x7f93f3d6a227 in dns_tsig_verify /builds/isc-projects/bind9/lib/dns/tsig.c:1241:3
    #3 0x7f93f3dd122d in dns_view_checksig /builds/isc-projects/bind9/lib/dns/view.c:1471:10
    #4 0x7f93f38f42a8 in dns_message_checksig /builds/isc-projects/bind9/lib/dns/message.c:3145:12
    #5 0x55eeaf058c18 in LLVMFuzzerTestOneInput /builds/isc-projects/bind9/fuzz/dns_message_checksig.c:393:11
    #6 0x55eeaf05c189 in test_one_file /builds/isc-projects/bind9/fuzz/main.c:53:3
    #7 0x55eeaf05c468 in test_all_from /builds/isc-projects/bind9/fuzz/main.c:89:3
    #8 0x55eeaf05bc18 in main /builds/isc-projects/bind9/fuzz/main.c:130:2
    #9 0x7f93f2dc5d09 in __libc_start_main csu/../csu/libc-start.c:308:16
    #10 0x55eeaef9a569 in _start (/builds/isc-projects/bind9/fuzz/.libs/dns_message_checksig+0x24569) (BuildId: 73cf12c5424a9fda378fddea924b696e6cb966ca)
Jobs:
- https://gitlab.isc.org/isc-projects/bind9/-/jobs/2793490: test-suite.log
- https://gitlab.isc.org/isc-projects/bind9/-/jobs/2793597: test-suite.log
BIND version used
4108d79c (!6822 (merged)), but the change in this MR affects only tests.
Steps to reproduce
Run the unit:clang:asan job in CI.
What is the current bug behavior?
Edited by Petr Špaček