Save Bookmarks #2
Labels
Comments
Closed
|
An example of this has been implemented. Though it doesn't take into account things like ASLR and it doesn't store/restore comments. Ideally it would save bookmarks are module + offset, not as an absolute address. And of course it should also store the comments. |
ghost
mentioned this issue
sorokin
added a commit
to sorokin/edb-debugger
that referenced
this issue
Feb 15, 2020
AddressSanitizer:DEADLYSIGNAL
=================================================================
==22728==ERROR: AddressSanitizer: SEGV on unknown address 0x7f362e1c03b8 (pc 0x7f3647a5faef bp 0x6070000b1470 sp 0x7ffc012e08f0 T0)
==22728==The signal is caused by a READ memory access.
#0 0x7f3647a5faee (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Network.so.5+0xc4aee)
eteran#1 0x7f36479ec807 (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Network.so.5+0x51807)
eteran#2 0x7f36479ec8e8 (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Network.so.5+0x518e8)
eteran#3 0x7f3646aec19b in QObject::~QObject() (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Core.so.5+0x2bd19b)
eteran#4 0x7f36479e77c7 in QNetworkAccessManager::~QNetworkAccessManager() (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Network.so.5+0x4c7c7)
eteran#5 0x7f36479e7828 in QNetworkAccessManager::~QNetworkAccessManager() (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Network.so.5+0x4c828)
eteran#6 0x7f3646ae3494 in QObjectPrivate::deleteChildren() (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Core.so.5+0x2b4494)
eteran#7 0x7f3646aec153 in QObject::~QObject() (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Core.so.5+0x2bd153)
eteran#8 0x7f3632f04dc4 in CheckVersionPlugin::CheckVersion::~CheckVersion() /home/ivan/d/edb-debugger/plugins/CheckVersion/CheckVersion_autogen/EWIEGA46WW/../../CheckVersion.h:40
eteran#9 0x7f3632f04dc4 in CheckVersionPlugin::CheckVersion::~CheckVersion() /home/ivan/d/edb-debugger/plugins/CheckVersion/CheckVersion_autogen/EWIEGA46WW/../../CheckVersion.h:40
eteran#10 0x7f3646ab1d76 (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Core.so.5+0x282d76)
eteran#11 0x7f3646ab37aa (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Core.so.5+0x2847aa)
eteran#12 0x7f3645656846 in __cxa_finalize (/nix/store/wx1vk75bpdr65g6xwxbj4rw0pk04v5j3-glibc-2.27/lib/libc.so.6+0x38846)
eteran#13 0x7f36468dbfb2 (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Core.so.5+0xacfb2)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/nix/store/rw5qmxlnfmgq72l028djxyknqr912i81-qtbase-5.12.3/lib/libQt5Network.so.5+0xc4aee)
sorokin
added a commit
to sorokin/edb-debugger
that referenced
this issue
Feb 18, 2020
The issue was about leaks reported by leak sanitizer:
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e695267 in HardwareBreakpointsPlugin::HardwareBreakpoints::stackContextMenu() HardwareBreakpoints.cpp:253
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e69ba38 in HardwareBreakpointsPlugin::HardwareBreakpoints::cpuContextMenu() HardwareBreakpoints.cpp:324
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e6985d7 in HardwareBreakpointsPlugin::HardwareBreakpoints::dataContextMenu() HardwareBreakpoints.cpp:288
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
The most idiomatic way to fix the issue was to assign a parent
to the submenus created in these functions. Unfortunately
there is no suitable parent available in these functions.
This commit fixes the issue in the most straight-forward way
possible: it just adds QMenu* parent parameter to the functions
* IPlugin::cpuContextMenu
* IPlugin::registerContextMenu
* IPlugin::stackContextMenu
* IPlugin::dataContextMenu
This allows plugins to set proper parent to all submenus
they choose to create in order for them to be properly destroyed
when root menu is destroyed.
This commit also sets parents to the QActions that are created
in these functions so they are timedly destroyed. As a possible
follow-up these QActions can be created once in plugin
constructor and not everytime the menu is created.
sorokin
added a commit
to sorokin/edb-debugger
that referenced
this issue
Feb 18, 2020
The issue was about leaks reported by leak sanitizer:
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e695267 in HardwareBreakpointsPlugin::HardwareBreakpoints::stackContextMenu() HardwareBreakpoints.cpp:253
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e69ba38 in HardwareBreakpointsPlugin::HardwareBreakpoints::cpuContextMenu() HardwareBreakpoints.cpp:324
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e6985d7 in HardwareBreakpointsPlugin::HardwareBreakpoints::dataContextMenu() HardwareBreakpoints.cpp:288
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
The most idiomatic way to fix the issue was to assign a parent
to the submenus created in these functions. Unfortunately
there is no suitable parent available in these functions.
This commit fixes the issue in the most straight-forward way
possible: it just adds QMenu* parent parameter to the functions
* IPlugin::cpuContextMenu
* IPlugin::registerContextMenu
* IPlugin::stackContextMenu
* IPlugin::dataContextMenu
This allows plugins to set proper parent to all submenus
they choose to create in order for them to be properly destroyed
when root menu is destroyed.
This commit also sets parents to the QActions that are created
in these functions so they are timedly destroyed. As a possible
follow-up these QActions can be created once in plugin
constructor and not everytime the menu is created.
sorokin
added a commit
to sorokin/edb-debugger
that referenced
this issue
Feb 22, 2020
Before this commit running
edb --run /home/ivan/Документы/a.out (Документы means "Documents" in Russian)
would cause heap-buffer-overflow in edb:
=================================================================
==26208==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6030004bd19b at pc 0x7f933a072274 bp 0x7ffd5dc26860 sp 0x7ffd5dc26010
WRITE of size 36 at 0x6030004bd19b thread T0
#0 0x7f933a072273
eteran#1 0x7f93242f2796 in strcpy bits/string_fortified.h:90
eteran#2 0x7f93242f2796 in DebuggerCorePlugin::Unix::execute_process(QString const&, QString const&, QList<QByteArray> const&) plugins/DebuggerCore/unix/Unix.cpp:179
eteran#3 0x7f93241d6dc5 in DebuggerCorePlugin::DebuggerCore::open(QString const&, QString const&, QList<QByteArray> const&, QString const&) plugins/DebuggerCore/unix/linux/DebuggerCore.cpp:925
eteran#4 0x62b26a in Debugger::commonOpen(QString const&, QList<QByteArray> const&) src/Debugger.cpp:3013
eteran#5 0x62cdde in Debugger::execute(QString const&, QList<QByteArray> const&) src/Debugger.cpp:3033
eteran#6 0xc5fa4d in start_debugger src/main.cpp:122
eteran#7 0xc634c8 in main src/main.cpp:255
eteran#8 0x7f93371b9b8d in __libc_start_main
eteran#9 0x4b7879 in _start
0x6030004bd19b is located 0 bytes to the right of 27-byte region [0x6030004bd180,0x6030004bd19b)
allocated by thread T0 here:
#0 0x7f933a10df40 in operator new[](unsigned long)
eteran#1 0x7f93242f2239 in DebuggerCorePlugin::Unix::execute_process(QString const&, QString const&, QList<QByteArray> const&) plugins/DebuggerCore/unix/Unix.cpp:178
SUMMARY: AddressSanitizer: heap-buffer-overflow (libasan.so.5+0x52273)
Shadow bytes around the buggy address:
0x0c068008f9e0: fa fa fd fd fd fd fa fa fd fd fd fd fa fa fd fd
0x0c068008f9f0: fd fd fa fa fd fd fd fa fa fa fd fd fd fa fa fa
0x0c068008fa00: 00 00 00 00 fa fa 00 00 00 fa fa fa fd fd fd fa
0x0c068008fa10: fa fa 00 00 00 fa fa fa fd fd fd fa fa fa 00 00
0x0c068008fa20: 00 fa fa fa fd fd fd fd fa fa 00 00 00 fa fa fa
=>0x0c068008fa30: 00 00 00[03]fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
The problem was caused by the fact that the buffer size is computed as
a string length in UTF-16 codeunits, but is written with UTF-8 (technically
currect system encoding) codeunits, so its length should equal to
the length of string in UTF-8 codeunits.
sorokin
added a commit
to sorokin/edb-debugger
that referenced
this issue
Feb 22, 2020
Before this commit running
edb --run /home/ivan/Документы/a.out (Документы means "Documents" in Russian)
would cause heap-buffer-overflow in edb:
=================================================================
==26208==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6030004bd19b at pc 0x7f933a072274 bp 0x7ffd5dc26860 sp 0x7ffd5dc26010
WRITE of size 36 at 0x6030004bd19b thread T0
#0 0x7f933a072273
eteran#1 0x7f93242f2796 in strcpy bits/string_fortified.h:90
eteran#2 0x7f93242f2796 in DebuggerCorePlugin::Unix::execute_process(QString const&, QString const&, QList<QByteArray> const&) plugins/DebuggerCore/unix/Unix.cpp:179
eteran#3 0x7f93241d6dc5 in DebuggerCorePlugin::DebuggerCore::open(QString const&, QString const&, QList<QByteArray> const&, QString const&) plugins/DebuggerCore/unix/linux/DebuggerCore.cpp:925
eteran#4 0x62b26a in Debugger::commonOpen(QString const&, QList<QByteArray> const&) src/Debugger.cpp:3013
eteran#5 0x62cdde in Debugger::execute(QString const&, QList<QByteArray> const&) src/Debugger.cpp:3033
eteran#6 0xc5fa4d in start_debugger src/main.cpp:122
eteran#7 0xc634c8 in main src/main.cpp:255
eteran#8 0x7f93371b9b8d in __libc_start_main
eteran#9 0x4b7879 in _start
0x6030004bd19b is located 0 bytes to the right of 27-byte region [0x6030004bd180,0x6030004bd19b)
allocated by thread T0 here:
#0 0x7f933a10df40 in operator new[](unsigned long)
eteran#1 0x7f93242f2239 in DebuggerCorePlugin::Unix::execute_process(QString const&, QString const&, QList<QByteArray> const&) plugins/DebuggerCore/unix/Unix.cpp:178
SUMMARY: AddressSanitizer: heap-buffer-overflow (libasan.so.5+0x52273)
Shadow bytes around the buggy address:
0x0c068008f9e0: fa fa fd fd fd fd fa fa fd fd fd fd fa fa fd fd
0x0c068008f9f0: fd fd fa fa fd fd fd fa fa fa fd fd fd fa fa fa
0x0c068008fa00: 00 00 00 00 fa fa 00 00 00 fa fa fa fd fd fd fa
0x0c068008fa10: fa fa 00 00 00 fa fa fa fd fd fd fa fa fa 00 00
0x0c068008fa20: 00 fa fa fa fd fd fd fd fa fa 00 00 00 fa fa fa
=>0x0c068008fa30: 00 00 00[03]fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c068008fa80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
The problem was caused by the fact that the buffer size is computed as
a string length in UTF-16 codeunits, but is written with UTF-8 (technically
current system encoding) codeunits, so its length should equal to
the length of string in UTF-8 codeunits.
sorokin
added a commit
to sorokin/edb-debugger
that referenced
this issue
Feb 29, 2020
The issue was about leaks reported by leak sanitizer:
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e695267 in HardwareBreakpointsPlugin::HardwareBreakpoints::stackContextMenu() HardwareBreakpoints.cpp:253
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e69ba38 in HardwareBreakpointsPlugin::HardwareBreakpoints::cpuContextMenu() HardwareBreakpoints.cpp:324
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5c95377d80 in operator new(unsigned long)
eteran#1 0x7f5c7e6985d7 in HardwareBreakpointsPlugin::HardwareBreakpoints::dataContextMenu() HardwareBreakpoints.cpp:288
eteran#2 0x694aac in Debugger::Debugger(QWidget*) Debugger.cpp:485
eteran#3 0x4e683a in start_debugger main.cpp:96
eteran#4 0x4e683a in main main.cpp:255
The most idiomatic way to fix the issue was to assign a parent
to the submenus created in these functions. Unfortunately
there is no suitable parent available in these functions.
This commit fixes the issue in the most straight-forward way
possible: it just adds QMenu* parent parameter to the functions
* IPlugin::cpuContextMenu
* IPlugin::registerContextMenu
* IPlugin::stackContextMenu
* IPlugin::dataContextMenu
This allows plugins to set proper parent to all submenus
they choose to create in order for them to be properly destroyed
when root menu is destroyed.
This commit also sets parents to the QActions that are created
in these functions so they are timedly destroyed. As a possible
follow-up these QActions can be created once in plugin
constructor and not everytime the menu is created.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would be nice if EDB could save bookmarks in a session file
The text was updated successfully, but these errors were encountered: