Here are 3 errors.
ERROR 1:
./id:000007,sig:06,src:003011,op:havoc,rep:8
mjs.out: mjs.c:10530: get_cb_impl_by_signature: Assertion `userdata_idx > 0' failed.
run_crashes.sh: line 29: 2327 Aborted (core dumped) ../../../../target/mjs/mjs.out $line
poc1.txt
ERROR 2:
./id:000019,sig:06,src:002654,op:havoc,rep:2
mjs.out: mjs.c:12088: frozen_cb: Assertion `ctx->frame == NULL' failed.
run_crashes.sh: line 29: 2523 Aborted (core dumped) ../../../../target/mjs/mjs.out $line
poc2.txt
ERROR 3:
./id:000000,sig:06,src:000006,op:havoc,rep:2
==2619==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60600000eff5 at pc 0x00000040a9e2 bp 0x7fff0c2e8de0 sp 0x7fff0c2e8dd0
READ of size 1 at 0x60600000eff5 thread T0
#0 0x40a9e1 in json_get_escape_len /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:5834
#1 0x40a9e1 in json_parse_string /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:5894
#2 0x410366 in json_parse_string /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:5814
#3 0x410366 in json_parse_value /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:5993
#4 0x413683 in json_parse_pair /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:6058
#5 0x413683 in json_parse_object /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:6070
#6 0x413683 in json_parse_value /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:5996
#7 0x44ac53 in json_doit /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:6083
#8 0x44ac53 in json_walk /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:6466
#9 0x46f3a0 in mjs_json_parse /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:12132
#10 0x46f3a0 in mjs_op_json_parse /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:12192
#11 0x496f16 in mjs_execute /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:9647
#12 0x49b9b7 in mjs_exec_internal /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:9865
#13 0x40340b in mjs_exec_file /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:9888
#14 0x40340b in main /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:12244
#15 0x7f96c168382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#16 0x403bb8 in _start (/home/joanking/abs/MemLock/tool/target/mjs/mjs.out+0x403bb8)
0x60600000eff5 is located 0 bytes to the right of 53-byte region [0x60600000efc0,0x60600000eff5)
allocated by thread T0 here:
#0 0x7f96c1cc9602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x46f370 in mjs_json_parse /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:12130
#2 0x46f370 in mjs_op_json_parse /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:12192
#3 0x46ee6f (/home/joanking/abs/MemLock/tool/target/mjs/mjs.out+0x46ee6f)
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/joanking/abs/MemLock/tool/target/mjs/mjs.c:5834 json_get_escape_len
Shadow bytes around the buggy address:
0x0c0c7fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c0c7fff9df0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00[05]fa
0x0c0c7fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0c7fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==2619==ABORTING
poc3.txt