Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.md
rec_field_name_equal_p@rec-field-name.c
rec_rset_get_props@rec-rset.c

README.md

recutils

version

recutils 1.8

description

recutils

download link


rec_rset_get_props@rec-rset.c:1552-26___out-of-bounds-read

description

An issue was discovered in recutils None, There is a/an out-of-bounds-read in function rec_rset_get_props at rec-rset.c:1552-26

commandline

rec2csv @@

source

In file: /home/pwd/gnu-fuzz/recutils/recutils-1.8/src/rec-rset.c
   1547       /* Create a new properties structure for this field name and
   1548          initialize it.  */
   1549       props = malloc (sizeof (struct rec_rset_fprops_s));
   1550       if (props)
   1551         {
 ► 1552           props->fname = strdup (fname);
   1553           props->auto_p = false;
   1554           props->key_p = false;
   1555 
   1556 #if defined REC_CRYPT_SUPPORT
   1557           props->confidential_p = false;

bug report

AddressSanitizer:DEADLYSIGNAL
=================================================================
==7207==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fa8a76205a1 bp 0x7ffc90c3b250 sp 0x7ffc90c3a9d8 T0)
==7207==The signal is caused by a READ memory access.
==7207==Hint: address points to the zero page.
    #0 0x7fa8a76205a0  /build/glibc-OTsEL5/glibc-2.27/string/../sysdeps/x86_64/multiarch/strlen-avx2.S:59
    #1 0x438dcf in strdup /home/pwd/llvm_dev/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:403
    #2 0x7fa8a862e71b in rec_rset_get_props /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-rset.c:1552:26
    #3 0x7fa8a862e71b in rec_rset_update_field_props /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-rset.c:1304
    #4 0x7fa8a862c7a5 in rec_rset_set_descriptor /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-rset.c:354:3
    #5 0x7fa8a86454d0 in rec_parse_rset /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-parser.c:535:3
    #6 0x515881 in recutl_parse_db_from_file /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/utils/recutl.c:246:10
    #7 0x515e2f in recutl_build_db /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/utils/recutl.c:332:20
    #8 0x5178ec in main /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/utils/rec2csv.c:342:8
    #9 0x7fa8a74b3b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #10 0x41c7b9 in _start (/home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/installed-asan/bin/rec2csv+0x41c7b9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /build/glibc-OTsEL5/glibc-2.27/string/../sysdeps/x86_64/multiarch/strlen-avx2.S:59 
==7207==ABORTING

others

from fuzz project None
crash name None-00000006-1551408318
Auto-generated by pyspider at 2019-03-01 10:49:23

rec_field_name_equal_p@rec-field-name.c:117-11___out-of-bounds-read

description

An issue was discovered in recutils None, There is a/an out-of-bounds-read in function rec_field_name_equal_p at rec-field-name.c:117-11

commandline

rec2csv @@

source

In file: /home/pwd/gnu-fuzz/recutils/recutils-1.8/src/rec-field-name.c
   112 bool
   113 rec_field_name_equal_p (const char *name1,
   114                         const char *name2)
   115 {
   116   /* TODO: 'foo' and 'foo:' denote the same field name.  */117   return (strcmp (name1, name2) == 0);
   118 }
   119 
   120 /* End of rec-field-name.c */

bug report

AddressSanitizer:DEADLYSIGNAL
=================================================================
==7413==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004b1c8b bp 0x7ffca433b710 sp 0x7ffca433ae80 T0)
==7413==The signal is caused by a READ memory access.
==7413==Hint: address points to the zero page.
    #0 0x4b1c8a in __interceptor_strcmp.part.253 /home/pwd/llvm_dev/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:411
    #1 0x7faa02626c82 in rec_field_name_equal_p /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-field-name.c:117:11
    #2 0x7faa0263064c in rec_rset_get_props /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-rset.c:1537:11
    #3 0x7faa0263064c in rec_rset_update_field_props /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-rset.c:1304
    #4 0x7faa0262e7a5 in rec_rset_set_descriptor /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-rset.c:354:3
    #5 0x7faa02647d6c in rec_parse_rset /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/src/rec-parser.c:578:23
    #6 0x51575c in recutl_parse_db_from_file /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/utils/recutl.c:246:10
    #7 0x515e2f in recutl_build_db /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/utils/recutl.c:332:20
    #8 0x5178ec in main /home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/utils/rec2csv.c:342:8
    #9 0x7faa014b5b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #10 0x41c7b9 in _start (/home/pwd/gnu-fuzz/recutils/recutils-1.8.patch/installed-asan/bin/rec2csv+0x41c7b9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/pwd/llvm_dev/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:411 in __interceptor_strcmp.part.253
==7413==ABORTING

others

from fuzz project None
crash name None-00000033-1551408318
Auto-generated by pyspider at 2019-03-01 10:51:21
You can’t perform that action at this time.