Heap Use-After-Free Notification when compiling with ASAN on Ubuntu 16 GCC 5.4 #15

Closed
ghost opened this issue May 17, 2019 · 5 comments

ghost commented May 17, 2019

Steps to reproduce:

Compile GoHTTP Server (GCC and ASAN flags/LIBS).

Screen -S server
cd GoHTTP
./GoHTTP
CTRL-A, D (Detach from session)
Screen -S Request
curl 127.0.0.1:$runningport/hi.html
CTRL-A, D
Screen -R server

Dump:
==9215==ERROR: AddressSanitizer: heap-use-after-free on address 0x611000009dc0 at pc 0x7ff1c4d5620b bp 0x7ffe6d5acce0 sp 0x7ffe6d5ac488
READ of size 2 at 0x611000009dc0 thread T0
#0 0x7ff1c4d5620a in __interceptor_strlen (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x7020a)
#1 0x401d9c in sendHeader (/root/GoHttp/GoHTTP+0x401d9c)
#2 0x4032bc in handleHttpGET (/root/GoHttp/GoHTTP+0x4032bc)
#3 0x4035b7 in receive (/root/GoHttp/GoHTTP+0x4035b7)
#4 0x4037da in handle (/root/GoHttp/GoHTTP+0x4037da)
#5 0x403881 in acceptConnection (/root/GoHttp/GoHTTP+0x403881)
#6 0x4038db in start (/root/GoHttp/GoHTTP+0x4038db)
#7 0x40406d in main (/root/GoHttp/GoHTTP+0x40406d)
#8 0x7ff1c3c2f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#9 0x401808 in _start (/root/GoHttp/GoHTTP+0x401808)

0x611000009dc0 is located 0 bytes inside of 200-byte region [0x611000009dc0,0x611000009e88)
freed by thread T0 here:
#0 0x7ff1c4d7e2ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x40289d in checkMime (/root/GoHttp/GoHTTP+0x40289d)
#2 0x4030f2 in handleHttpGET (/root/GoHttp/GoHTTP+0x4030f2)
#3 0x4035b7 in receive (/root/GoHttp/GoHTTP+0x4035b7)
#4 0x4037da in handle (/root/GoHttp/GoHTTP+0x4037da)
#5 0x403881 in acceptConnection (/root/GoHttp/GoHTTP+0x403881)
#6 0x4038db in start (/root/GoHttp/GoHTTP+0x4038db)
#7 0x40406d in main (/root/GoHttp/GoHTTP+0x40406d)
#8 0x7ff1c3c2f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

previously allocated by thread T0 here:
#0 0x7ff1c4d7e602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x402f3a in handleHttpGET (/root/GoHttp/GoHTTP+0x402f3a)
#2 0x4035b7 in receive (/root/GoHttp/GoHTTP+0x4035b7)
#3 0x4037da in handle (/root/GoHttp/GoHTTP+0x4037da)
#4 0x403881 in acceptConnection (/root/GoHttp/GoHTTP+0x403881)
#5 0x4038db in start (/root/GoHttp/GoHTTP+0x4038db)
#6 0x40406d in main (/root/GoHttp/GoHTTP+0x40406d)
#7 0x7ff1c3c2f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: heap-use-after-free ??:0 __interceptor_strlen
Shadow bytes around the buggy address:
0x0c227fff9360: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
0x0c227fff9370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c227fff9380: 00 fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff9390: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c227fff93a0: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa
=>0x0c227fff93b0: fa fa fa fa fa fa fa fa[fd]fd fd fd fd fd fd fd
0x0c227fff93c0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c227fff93d0: fd fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff93e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

uname -ar
Linux 4.4.0-148-generic #174-Ubuntu SMP Tue May 7 12:20:14 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
root@:~/GoHttp# cat httpd.conf
wwwroot /home/frw/public_html/
port 4000
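
One way to read the report above programmatically, as an added example that is not part of the original issue or of the GoHttp code: it parses the three ASAN stacks and names the project function behind the allocation, the free and the use. The function names `parse_stacks` and `triage`, the libasan/libc filter and the address-ordering heuristic are assumptions of this sketch.

```python
import re

# Trimmed copy of the report in the issue above (frames below handleHttpGET omitted).
REPORT = """\
==9215==ERROR: AddressSanitizer: heap-use-after-free on address 0x611000009dc0
READ of size 2 at 0x611000009dc0 thread T0
#0 0x7ff1c4d5620a in __interceptor_strlen (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x7020a)
#1 0x401d9c in sendHeader (/root/GoHttp/GoHTTP+0x401d9c)
#2 0x4032bc in handleHttpGET (/root/GoHttp/GoHTTP+0x4032bc)
freed by thread T0 here:
#0 0x7ff1c4d7e2ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x40289d in checkMime (/root/GoHttp/GoHTTP+0x40289d)
#2 0x4030f2 in handleHttpGET (/root/GoHttp/GoHTTP+0x4030f2)
previously allocated by thread T0 here:
#0 0x7ff1c4d7e602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x402f3a in handleHttpGET (/root/GoHttp/GoHTTP+0x402f3a)
"""

FRAME = re.compile(r"\s*#\d+ (0x[0-9a-f]+) in (\S+) \((.+)\+0x[0-9a-f]+\)")
HEADERS = {"use": r"(READ|WRITE) of size", "free": r"freed by thread",
           "alloc": r"previously allocated by thread"}

def parse_stacks(report):
    """Return {"use"|"free"|"alloc": [(pc, function, module), ...]}."""
    stacks, current = {}, None
    for line in report.splitlines():
        kind = next((k for k, p in HEADERS.items() if re.match(p, line.strip())), None)
        m = FRAME.match(line)
        if kind:
            current = stacks.setdefault(kind, [])
        elif m and current is not None:
            current.append((int(m.group(1), 16), m.group(2), m.group(3)))
        elif not line.strip():
            current = None  # a blank line ends the current stack
    return stacks

def triage(report):
    """Name the project functions that allocated, freed and used the region, the
    deepest caller common to all three stacks, and the event order inside it."""
    # Assumption: frames in libasan/libc are runtime, everything else is project code.
    stacks = {k: [f for f in v if not re.search(r"/lib(asan|c)\.so", f[2])]
              for k, v in parse_stacks(report).items()}
    sites = {k: v[0][1] for k, v in stacks.items()}
    names = {k: [f[1] for f in v] for k, v in stacks.items()}
    common = next(fn for fn in names["alloc"] if fn in names["free"] and fn in names["use"])
    # Heuristic: ascending return addresses inside `common` approximate source order.
    pcs = {k: next(pc for pc, fn, _ in v if fn == common) for k, v in stacks.items()}
    return sites, common, sorted(pcs, key=pcs.get)
```

For this report, `triage(REPORT)` points at a buffer that `handleHttpGET` allocates, `checkMime` frees, and `sendHeader` then reads, so the place to review is how `handleHttpGET` hands that pointer to `checkMime`.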

Owner

fekberg commented May 20, 2019

FYI this project isn't maintained. I only wrote it as a part of a university course years ago.

Don't use the code for anything but playing around

Author

ghost commented May 20, 2019

Totally understand. It got some attention (30+ forks) and I was curious what other projects it may have been integrated into.

Owner

fekberg commented May 20, 2019

That's very true! I haven't kept an eye on it. Thanks for submitting the issues!

Author

ghost commented May 24, 2019

Closing.

ghost closed this as completed May 24, 2019

johnsec commented May 29, 2019

$ ./protect_your_reto
Segmentation Fault (core dumped)
