You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
==1760977==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f845cba5121 bp 0x000000000000 sp 0x7ffd65d4bd08 T0)
==1760977==The signal is caused by a READ memory access.
==1760977==Hint: address points to the zero page.
#0 0x7f845cba5121 in __strstr_sse2_unaligned (/lib64/libc.so.6+0xb7121) (BuildId: 4fdf4b58ec1880e064d0d3fe13f1bb3e8ed1c420)
#1 0x32fe8d in strstr (/home/geeknik/curl/src/curl+0x32fe8d) (BuildId: d05a4b2ab83d222d)
#2 0x45999e in varexpand /home/geeknik/curl/src/var.c:220:12
#3 0x407e24 in getparameter /home/geeknik/curl/src/tool_getparam.c:835:13
#4 0x448ce5 in parseconfig /home/geeknik/curl/src/tool_parsecfg.c:227:13
#5 0x40a418 in getparameter /home/geeknik/curl/src/tool_getparam.c:2274:10
#6 0x41c7ff in parse_args /home/geeknik/curl/src/tool_getparam.c:2723:18
#7 0x42ac9f in operate /home/geeknik/curl/src/tool_operate.c:2745:26
#8 0x429767 in main /home/geeknik/curl/src/tool_main.c:273:14
#9 0x7f845cb16149 in __libc_start_call_main (/lib64/libc.so.6+0x28149) (BuildId: 4fdf4b58ec1880e064d0d3fe13f1bb3e8ed1c420)
#10 0x7f845cb1620a in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x2820a) (BuildId: 4fdf4b58ec1880e064d0d3fe13f1bb3e8ed1c420)
#11 0x316684 in _start (/home/geeknik/curl/src/curl+0x316684) (BuildId: d05a4b2ab83d222d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib64/libc.so.6+0xb7121) (BuildId: 4fdf4b58ec1880e064d0d3fe13f1bb3e8ed1c420) in __strstr_sse2_unaligned
The segmentation fault appears to be triggered in the varexpand function in var.c. The strstr function call in this context may be accessing a null pointer or invalid memory address. This suggests a possible issue with how input strings are being handled or validated in the varexpand function.
I did this
curl -q -K test0000
test0000.gz
base64 of test0000 ==
ZXhwYW5kLQAKdXJs
Which results in this
The segmentation fault appears to be triggered in the
varexpand
function invar.c
. Thestrstr
function call in this context may be accessing a null pointer or invalid memory address. This suggests a possible issue with how input strings are being handled or validated in thevarexpand
function.I expected the following
No crash.
curl/libcurl version
operating system
Linux localhost.localdomain 6.5.6-300.fc39.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Oct 6 19:57:21 UTC 2023 x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered: