The following input demonstrates a crash:

ASAN report:

```
==90441==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e00000f070 at pc 0x000100d64f4e bp 0x7fff5efe9500 sp 0x7fff5efe94f8
READ of size 4 at 0x61e00000f070 thread T0
#0 0x100d64f4d in mrb_env_unshare (mruby:x86_64+0x100157f4d)
#1 0x100d694d2 in cipop (mruby:x86_64+0x10015c4d2)
#2 0x100d86b80 in mrb_vm_exec (mruby:x86_64+0x100179b80)
#3 0x100d72ad9 in mrb_vm_run (mruby:x86_64+0x100165ad9)
#4 0x100da5549 in mrb_top_run (mruby:x86_64+0x100198549)
#5 0x100e76805 in mrb_load_exec (mruby:x86_64+0x100269805)
#6 0x100e77615 in mrb_load_file_cxt (mruby:x86_64+0x10026a615)
#7 0x100c0f2e6 in main mruby.c:227
#8 0x7fffbbbba234 in start (libdyld.dylib:x86_64+0x5234)
0x61e00000f070 is located 16 bytes to the left of 2560-byte region [0x61e00000f080,0x61e00000fa80)
allocated by thread T0 here:
#0 0x10101e520 in wrap_realloc (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x56520)
#1 0x100d078a5 in mrb_default_allocf (mruby:x86_64+0x1000fa8a5)
#2 0x100c88be8 in mrb_realloc_simple gc.c:202
#3 0x100c892ce in mrb_realloc gc.c:216
#4 0x100c89d53 in mrb_malloc gc.c:237
#5 0x100c89ded in mrb_calloc gc.c:255
#6 0x100d69b55 in stack_init (mruby:x86_64+0x10015cb55)
#7 0x100d66bd7 in mrb_funcall_with_block (mruby:x86_64+0x100159bd7)
#8 0x100d6655a in mrb_funcall_with_block (mruby:x86_64+0x10015955a)
#9 0x100d65d47 in mrb_funcall_argv (mruby:x86_64+0x100158d47)
#10 0x100c4d045 in mrb_obj_new (mruby:x86_64+0x100040045)
#11 0x100c71b9d in mrb_exc_new_str (mruby:x86_64+0x100064b9d)
#12 0x100c7b967 in mrb_init_exception (mruby:x86_64+0x10006e967)
#13 0x100cac990 in mrb_init_core (mruby:x86_64+0x10009f990)
#14 0x100d0783e in mrb_open_core (mruby:x86_64+0x1000fa83e)
#15 0x100d07a0c in mrb_open_allocf (mruby:x86_64+0x1000faa0c)
#16 0x100d079d7 in mrb_open (mruby:x86_64+0x1000fa9d7)
#17 0x100c0e1f8 in main mruby.c:171
#18 0x7fffbbbba234 in start (libdyld.dylib:x86_64+0x5234)
SUMMARY: AddressSanitizer: heap-buffer-overflow (mruby:x86_64+0x100157f4d) in mrb_env_unshare
Shadow bytes around the buggy address:
0x1c3c00001db0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3c00001dc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3c00001dd0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3c00001de0: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa
0x1c3c00001df0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x1c3c00001e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa]fa
0x1c3c00001e10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c3c00001e20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c3c00001e30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c3c00001e40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c3c00001e50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==90441==ABORTING
Abort trap: 6
```

This issue was reported by https://hackerone.com/ssarong