=================================================================
==24533==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6250000027ee at pc 0x000000449d74 bp 0x7ffeaa98bfa0 sp 0x7ffeaa98b750
READ of size 5 at 0x6250000027ee thread T0
    #0 0x449d73 in StrtolFixAndCheck(void*, char const*, char**, char*, int) (/home/peter/work/dcdn-ghazel/injector+0x449d73)
    #1 0x44a2a1 in __interceptor_strtoll (/home/peter/work/dcdn-ghazel/injector+0x44a2a1)
    #2 0x58054f in BencEntity::ParseNum(unsigned char const*) /home/peter/work/dcdn-ghazel/libbtdht/btutils/src/bencoding.cpp:544:11
    #3 0x580624 in BencEntity::SetParsed(IBencParser::PARSE_T, unsigned char const*, unsigned long, BencEntity::AllocRegime*) /home/peter/work/dcdn-ghazel/libbtdht/btutils/src/bencoding.cpp:558:5
    #4 0x580d7b in BencodedDict::ResumeDict(IBencParser*, BencEntity**, BencEntity::AllocRegime*) /home/peter/work/dcdn-ghazel/libbtdht/btutils/src/bencoding.cpp:703:11
    #5 0x5810ca in BencEntity::DoParse(BencEntity&, IBencParser*, BencEntity::AllocRegime*) /home/peter/work/dcdn-ghazel/libbtdht/btutils/src/bencoding.cpp:811:39
    #6 0x580472 in BencEntity::Parse(unsigned char const*, BencEntity&, unsigned char const*) /home/peter/work/dcdn-ghazel/libbtdht/btutils/src/bencoding.cpp:759:7
    #7 0x514ff1 in load_dht_state(BencEntity*) /home/peter/work/dcdn-ghazel/dht.cpp:71:5
    #8 0x5496a1 in DhtImpl::LoadState() /home/peter/work/dcdn-ghazel/libbtdht/src/DhtImpl.cpp:3827:2
    #9 0x549501 in DhtImpl::Initialize(UDPSocketInterface*, UDPSocketInterface*) /home/peter/work/dcdn-ghazel/libbtdht/src/DhtImpl.cpp:359:2
    #10 0x548ce9 in DhtImpl::DhtImpl(UDPSocketInterface*, UDPSocketInterface*, void ()(unsigned char const, int), void ()(BencEntity), ExternalIPCounter*) /home/peter/work/dcdn-ghazel/libbtdht/src/DhtImpl.cpp:246:2
    #11 0x545c45 in create_dht(UDPSocketInterface*, UDPSocketInterface*, void ()(unsigned char const, int), void ()(BencEntity), ExternalIPCounter*) /home/peter/work/dcdn-ghazel/libbtdht/src/dht.cpp:30:29
    #12 0x515a61 in dht_setup /home/peter/work/dcdn-ghazel/dht.cpp:125:15
    #13 0x52580a in network_setup /home/peter/work/dcdn-ghazel/network.c:163:14
    #14 0x5231bc in main /home/peter/work/dcdn-ghazel/injector.c:388:18
    #15 0x7f28255f182f in __libc_start_main /build/glibc-bfm8X4/glibc-2.23/csu/../csu/libc-start.c:291
    #16 0x41cec8 in _start (/home/peter/work/dcdn-ghazel/injector+0x41cec8)
0x6250000027ee is located 0 bytes to the right of 9966-byte region [0x625000000100,0x6250000027ee)
allocated by thread T0 here:
    #0 0x4d5548 in __interceptor_malloc (/home/peter/work/dcdn-ghazel/injector+0x4d5548)
    #1 0x514faf in load_dht_state(BencEntity*) /home/peter/work/dcdn-ghazel/dht.cpp:67:24
    #2 0x5496a1 in DhtImpl::LoadState() /home/peter/work/dcdn-ghazel/libbtdht/src/DhtImpl.cpp:3827:2
    #3 0x549501 in DhtImpl::Initialize(UDPSocketInterface*, UDPSocketInterface*) /home/peter/work/dcdn-ghazel/libbtdht/src/DhtImpl.cpp:359:2
    #4 0x548ce9 in DhtImpl::DhtImpl(UDPSocketInterface*, UDPSocketInterface*, void ()(unsigned char const, int), void ()(BencEntity), ExternalIPCounter*) /home/peter/work/dcdn-ghazel/libbtdht/src/DhtImpl.cpp:246:2
    #5 0x545c45 in create_dht(UDPSocketInterface*, UDPSocketInterface*, void ()(unsigned char const, int), void ()(BencEntity), ExternalIPCounter*) /home/peter/work/dcdn-ghazel/libbtdht/src/dht.cpp:30:29
    #6 0x515a61 in dht_setup /home/peter/work/dcdn-ghazel/dht.cpp:125:15
    #7 0x52580a in network_setup /home/peter/work/dcdn-ghazel/network.c:163:14
    #8 0x5231bc in main /home/peter/work/dcdn-ghazel/injector.c:388:18
    #9 0x7f28255f182f in __libc_start_main /build/glibc-bfm8X4/glibc-2.23/csu/../csu/libc-start.c:291
SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/peter/work/dcdn-ghazel/injector+0x449d73) in StrtolFixAndCheck(void*, char const*, char**, char*, int)
Shadow bytes around the buggy address:
0x0c4a7fff84a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c4a7fff84b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c4a7fff84c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c4a7fff84d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c4a7fff84e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c4a7fff84f0: 00 00 00 00 00 00 00 00 00 00 00 00 00[06]fa fa
0x0c4a7fff8500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c4a7fff8510: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c4a7fff8520: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c4a7fff8530: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c4a7fff8540: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==24533==ABORTING
Can be reproduced when AddressSanitizer env options are set like this: