SEGV exits in the function state_free in swftools/src/swfc-history.c:52:16

[guangbuming]

project

https://github.com/matthiaskramm/swftools
version:0.9.2

os info

Ubuntu20.04 TLS

poc

5_poc.zip

build

git clone https://github.com/matthiaskramm/swftools.git
cd swftools
./configure --disable-shared && make
./src/swfc 5_poc

ASAN Info

AddressSanitizer:DEADLYSIGNAL
=================================================================
==2665200==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000048 (pc 0x000000505a33 bp 0x00000118ce08 sp 0x7fffffffda80 T0)
==2665200==The signal is caused by a READ memory access.
==2665200==Hint: address points to the zero page.
    #0 0x505a33 in state_free /home/swftools/src/swfc-history.c:52:16
    #1 0x51160b in history_free /home/swftools/src/swfc-history.c:847:5
    #2 0x4eedcd in instance_free /home/swftools/src/swfc.c:299:5
    #3 0x4eedcd in free_instance /home/swftools/src/swfc.c:313:5
    #4 0x6f31ac in dict_free_all /home/swftools/lib/q.c:1357:17
    #5 0x4eec95 in freeDictionaries /home/swftools/src/swfc.c:347:5
    #6 0x505610 in syntaxerror /home/swftools/src/swfc-feedback.c:41:6
    #7 0x4e1335 in s_action /home/swftools/src/swfc.c:1969:13
    #8 0x4fec01 in c_action /home/swftools/src/swfc.c
    #9 0x4ee709 in parseArgumentsForCommand /home/swftools/src/swfc.c:4475:5
    #10 0x4ee709 in main /home/swftools/src/swfc.c:4598:2
    #11 0x7ffff7c29082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #12 0x41d63d in _start (/home/swftools/src/swfc+0x41d63d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/swftools/src/swfc-history.c:52:16 in state_free
==2665200==ABORTING