Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEGV src/njs_lvlhsh.c:176:16 in njs_lvlhsh_find #615

Closed
ret2ddme opened this issue Feb 21, 2023 · 0 comments
Closed

SEGV src/njs_lvlhsh.c:176:16 in njs_lvlhsh_find #615

ret2ddme opened this issue Feb 21, 2023 · 0 comments

Comments

@ret2ddme
Copy link

Environment

commit: 4c1e23326e1c30e4e051bf588bfc1aaa63954976
version: 0.7.10
Build   : 
     ./configure --cc=clang --address-sanitizer=YES     
     make

Poc

const v1 = URIError();
v1.name = URIError();
URIError && v1;

Asan

==21471==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000726f (pc 0x0000004cde74 bp 0x7ffcd78018d0 sp 0x7ffcd78018d0 T0)
==21471==The signal is caused by a READ memory access.
    #0 0x4cde74 in njs_lvlhsh_find /root/njs/src/njs_lvlhsh.c:176:16
    #1 0x51efff in njs_object_property /root/njs/src/njs_object_prop.c:104:15
    #2 0x553f76 in njs_error_to_string2 /root/njs/src/njs_error.c:619:11
    #3 0x553b9d in njs_error_to_string /root/njs/src/njs_error.c:689:12
    #4 0x535773 in njs_dump_terminal /root/njs/src/njs_json.c:1848:15
    #5 0x533591 in njs_vm_value_dump /root/njs/src/njs_json.c:1980:15
    #6 0x4e0374 in njs_vm_retval_dump /root/njs/src/njs_vm.c:1004:12
    #7 0x4c984b in njs_console_output /root/njs/src/njs_shell.c:885:13
    #8 0x4cd050 in njs_process_output /root/njs/src/njs_shell.c:1010:9
    #9 0x4cad81 in njs_process_script /root/njs/src/njs_shell.c:960:5
    #10 0x4cb556 in njs_process_file /root/njs/src/njs_shell.c:678:11
    #11 0x4c94be in main /root/njs/src/njs_shell.c:335:15
    #12 0x7f5056c67c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
    #13 0x41f1d9 in _start (/root/njs/build/njs+0x41f1d9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/njs/src/njs_lvlhsh.c:176:16 in njs_lvlhsh_find
nginx-hg-mirror pushed a commit that referenced this issue Feb 28, 2023
After njs_value_property() call the value argument might be
overwritten.

This is similar to #615.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants