Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

swfc mem_put_() crash #23

Closed
lcatro opened this issue Jun 11, 2017 · 0 comments

Comments

Projects
None yet
1 participant
@lcatro
Copy link

commented Jun 11, 2017

Crash : https://raw.githubusercontent.com/lcatro/My_PoC/master/swftools/swfc_crash_mem_put_

Trigger : ./swfc swftools/swfc_crash_mem_put_

Crash Detail :

`
fuzzer@ub16x64:~/fuzzing/swftools/src$ ./swfc swftools/swfc_crash_mem_put_

==18776==ERROR: AddressSanitizer: negative-size-param: (size=-1)
#0 0x7f4914cd39a1 in _asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c9a1)
#1 0x487d52 in mem_put
(/home/fuzzer/fuzzing/swftools/src/swfc+0x487d52)
#2 0x488202 in mem_putstring (/home/fuzzer/fuzzing/swftools/src/swfc+0x488202)
#3 0x402f59 in store (/home/fuzzer/fuzzing/swftools/src/swfc+0x402f59)
#4 0x4042ed in yylex (/home/fuzzer/fuzzing/swftools/src/swfc+0x4042ed)
#5 0x404f8a in generateTokens (/home/fuzzer/fuzzing/swftools/src/swfc+0x404f8a)
#6 0x411194 in main (/home/fuzzer/fuzzing/swftools/src/swfc+0x411194)
#7 0x7f491412282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#8 0x402a08 in _start (/home/fuzzer/fuzzing/swftools/src/swfc+0x402a08)

0x629000005201 is located 1 bytes inside of 16386-byte region [0x629000005200,0x629000009202)
allocated by thread T0 here:
#0 0x7f4914cdf602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x403247 in yyalloc (/home/fuzzer/fuzzing/swftools/src/swfc+0x403247)

SUMMARY: AddressSanitizer: negative-size-param ??:0 __asan_memcpy
==18776==ABORTING
`

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.