Heap-buffer-overflow in __libc_start_main #751
Labels
confirmed
issue reported has been reproduced
fixed - please verify
Issue has been fixed. Please verify and close.
Moddable-XS revision
Commit: db8f973
Version: 11.5.0 32 4
Build environment
Ubuntu 18.04.5 LTS (Linux 5.4.0-44-generic x86_64)
Build steps
Test case
Execution & Output
```
$ ./xst test.js
=================================================================
ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f62dd0fe820 at pc 0x7f62e0bf477a bp 0x7ffd65c0fc60 sp 0x7ffd65c0f408
WRITE of size 1048576 at 0x7f62dd0fe820 thread T0
    #0 0x7f62e0bf4779 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x79779)
    #1 0x564bd7f19243 in memcpy /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34
    #2 0x564bd7f19243 in fxPushSubstitutionString /root/moddable/xs/sources/xsString.c:1989
    #3 0x564bd7e46db6 in fx_RegExp_prototype_replace /root/moddable/xs/sources/xsRegExp.c:834
    #4 0x564bd7e51f0f in fxRunID /root/moddable/xs/sources/xsRun.c:842
    #5 0x564bd7f1c334 in fx_String_prototype_withRegexp /root/moddable/xs/sources/xsString.c:1675
    #6 0x564bd7f1c334 in fx_String_prototype_replace /root/moddable/xs/sources/xsString.c:1120
    #7 0x564bd7e51f0f in fxRunID /root/moddable/xs/sources/xsRun.c:842
    #8 0x564bd7ebcc27 in fxRunScript /root/moddable/xs/sources/xsRun.c:4766
    #9 0x564bd80ce90a in fxRunProgramFile /root/moddable/xs/tools/xst.c:1387
    #10 0x564bd79f54c7 in main /root/moddable/xs/tools/xst.c:281
    #11 0x7f62e01eebf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #12 0x564bd79f70c9 in _start (/root/moddable/build/bin/lin/debug/xst+0x950c9)

0x7f62dd0fe820 is located 0 bytes to the right of 16777248-byte region [0x7f62dc0fe800,0x7f62dd0fe820)
allocated by thread T0 here:
    #0 0x7f62e0c59b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x564bd7d2fa66 in fxGrowChunks /root/moddable/xs/sources/xsMemory.c:506
    #2 0x564bd7d630a3 in fxAllocate /root/moddable/xs/sources/xsMemory.c:170
    #3 0x564bd7a19d9a in fxCreateMachine /root/moddable/xs/sources/xsAPI.c:1367
    #4 0x564bd79f2ddf in main /root/moddable/xs/tools/xst.c:259
    #5 0x7f62e01eebf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x79779)
Shadow bytes around the buggy address:
  0x0fecdba17cb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fecdba17cc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fecdba17cd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fecdba17ce0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fecdba17cf0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0fecdba17d00: 00 00 00 00[fa]fa fa fa fa fa fa fa fa fa fa fa
  0x0fecdba17d10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0fecdba17d20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0fecdba17d30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0fecdba17d40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0fecdba17d50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
```

Credits: Found by OWL337 team.