Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Memory allocation failure in readBytes (read.c:252) #172

Open
waugustus opened this issue Jan 17, 2019 · 2 comments
Open

Memory allocation failure in readBytes (read.c:252) #172

waugustus opened this issue Jan 17, 2019 · 2 comments

Comments

@waugustus
Copy link

version: master(commit 5009802)
command: listswf $FILE
OS: Ubuntu 16.04.4 LTS 64bit

$ ./install-asan/bin/listswf poc >/dev/null
header indicates a filesize of 1995 but filesize is 1916
==19625==WARNING: AddressSanitizer failed to allocate 0xfffffffffffffffe bytes
==19625==AddressSanitizer's allocator is terminating the process instead of returning 0
==19625==If you don't like this behavior set allocator_may_return_null=1
==19625==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator.cc:147 "((0)) != (0)" (0x0, 0x0)
    #0 0x7f9290d80631  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0631)
    #1 0x7f9290d855e3 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa55e3)
    #2 0x7f9290cfd425  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x1d425)
    #3 0x7f9290d83865  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa3865)
    #4 0x7f9290d02b4d  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x22b4d)
    #5 0x7f9290d785d2 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x985d2)
    #6 0x44dec2 in readBytes /home/wdw/experiment/aflgo/libming/util/read.c:252
    #7 0x437290 in parseSWF_DEFINEBITSJPEG2 /home/wdw/experiment/aflgo/libming/util/parser.c:1493
    #8 0x419c15 in blockParse /home/wdw/experiment/aflgo/libming/util/blocktypes.c:145
    #9 0x415a68 in readMovie /home/wdw/experiment/aflgo/libming/util/main.c:269
    #10 0x41624e in main /home/wdw/experiment/aflgo/libming/util/main.c:354
    #11 0x7f929041782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #12 0x401aa8 in _start (/home/wdw/experiment/aflgo/libming/install-asan/bin/listswf+0x401aa8)

Download: poc

@rathann
Copy link

rathann commented Feb 25, 2019

CVE-2019-7582

@rathann
Copy link

rathann commented Mar 8, 2019

Which commit fixes this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants