Skip to content

A dynamic-stack-buffer-overflow in slaxproc.c:979:15 #49

Closed
Closed
A dynamic-stack-buffer-overflow in slaxproc.c:979:15#49
Assignees
philshafer
@seviezhou

Description

@seviezhou
seviezhou
opened on Aug 2, 2020

System info

Ubuntu X64, gcc (Ubuntu 5.5.0-12ubuntu1), slaxproc (latest master 45d88a)

Configure

CFLAGS="-g -fsanitize=address" LDFLAGS="-fsanitize=address" ./configure

Command line

run directly:

./build/slaxproc/slaxproc

AddressSanitizer output

=================================================================
==78506==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffdea4fcfa0 at pc 0x00000051f888 bp 0x7ffdea4fcf70 sp 0x7ffdea4fcf68
WRITE of size 8 at 0x7ffdea4fcfa0 thread T0
    #0 0x51f887 in main /home/seviezhou/libslax/build/slaxproc/../../slaxproc/slaxproc.c:979:15
    #1 0x7fa14f44383f in __libc_start_main /build/glibc-e6zv40/glibc-2.23/csu/../csu/libc-start.c:291
    #2 0x41d818 in _start (/home/seviezhou/libslax/build/slaxproc/slaxproc+0x41d818)

Address 0x7ffdea4fcfa0 is located in stack of thread T0
SUMMARY: AddressSanitizer: dynamic-stack-buffer-overflow /home/seviezhou/libslax/build/slaxproc/../../slaxproc/slaxproc.c:979:15 in main
Shadow bytes around the buggy address:
  0x10003d4979a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d4979b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d4979c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d4979d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d4979e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10003d4979f0: ca ca ca ca[01]cb cb cb cb cb cb cb 00 00 00 00
  0x10003d497a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d497a10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d497a20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d497a30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10003d497a40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==78506==ABORTING

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions