System info
Ubuntu X64, gcc (Ubuntu 5.5.0-12ubuntu1), nsfdbinfo (latest master 62bdef)

Configure
CC=/home/seviezhou/AlphaFuzz/tools/alpha-clang CXX=/home/seviezhou/AlphaFuzz/tools/alpha-clang++ ./configure --enable-shared=no

Command line
./nsfdbtools/nsfdbinfo @@

AddressSanitizer output
```
=================================================================
==48413==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62c00000782b at pc 0x000000533634 bp 0x7ffe4ec3c4f0 sp 0x7ffe4ec3c4e8
READ of size 1 at 0x62c00000782b thread T0
    #0 0x533633 in libnsfdb_rrv_bucket_read /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_rrv_bucket.c:381:3
    #1 0x528da4 in libnsfdb_io_handle_read_superblock /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_io_handle.c:3835:7
    #2 0x520902 in libnsfdb_file_open_read /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_file.c:1035:6
    #3 0x51fa33 in libnsfdb_file_open_file_io_handle /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_file.c:607:6
    #4 0x51f3ac in libnsfdb_file_open /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_file.c:325:6
    #5 0x517598 in main /home/seviezhou/libnsfdb/nsfdbtools/nsfdbinfo.c:229:6
    #6 0x7ffb09faa83f in __libc_start_main /build/glibc-e6zv40/glibc-2.23/csu/../csu/libc-start.c:291
    #7 0x41a498 in _start (/home/seviezhou/libnsfdb/nsfdbtools/nsfdbinfo+0x41a498)

0x62c00000782b is located 0 bytes to the right of 30251-byte region [0x62c000000200,0x62c00000782b)
allocated by thread T0 here:
    #0 0x4de6a8 in malloc /home/seviezhou/llvm-6.0.0/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
    #1 0x527784 in libnsfdb_io_handle_read_superblock /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_io_handle.c:3082:34
    #2 0x520902 in libnsfdb_file_open_read /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_file.c:1035:6
    #3 0x51fa33 in libnsfdb_file_open_file_io_handle /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_file.c:607:6

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/seviezhou/libnsfdb/libnsfdb/libnsfdb_rrv_bucket.c:381:3 in libnsfdb_rrv_bucket_read
Shadow bytes around the buggy address:
  0x0c587fff8eb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c587fff8ec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c587fff8ed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c587fff8ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c587fff8ef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c587fff8f00: 00 00 00 00 00[03]fa fa fa fa fa fa fa fa fa fa
  0x0c587fff8f10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c587fff8f20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c587fff8f30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c587fff8f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c587fff8f50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==48413==ABORTING
```

POC
heap-overflow-libnsfdb_rrv_bucket_read-libnsfdb_rrv_bucket-381.zip

Before a stable release, this project will seek OSS-Fuzz integration, so that it does not need to rely on external parties that copy-paste the output of a fuzzing tool directly into a GitHub issue without any further analysis.