$ uname -a
Linux user-GE40-2PC-Dragon-Eyes 6.2.0-33-generic #33~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Sep 7 10:33:52 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
Asan
WARN: mach0 header contains too many sections (268435492). Wrapping to 4
ERROR: parsing segment
WARN: Cannot initialize items
=================================================================
==651889==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6160000086ef at pc 0x7fd883ae6cf1 bp 0x7ffcc29f8db0 sp 0x7ffcc29f8da8
READ of size 1 at 0x6160000086ef thread T0
#0 0x7fd883ae6cf0 in r_read_le32 /home/user/fuzzing_radare2/radare2/libr/include/r_endian.h:194:17
#1 0x7fd883ae6cf0 in r_read_at_le32 /home/user/fuzzing_radare2/radare2/libr/include/r_endian.h:203:9
#2 0x7fd883ae6cf0 in r_read_le64 /home/user/fuzzing_radare2/radare2/libr/include/r_endian.h:217:21
#3 0x7fd883ae6cf0 in r_ptr /home/user/fuzzing_radare2/radare2/libr/../libr/bin/p/bin_xnu_kernelcache.c:475:24
#4 0x7fd883ae6cf0 in process_constructors /home/user/fuzzing_radare2/radare2/libr/../libr/bin/p/bin_xnu_kernelcache.c:992:18
#5 0x7fd883adbe7e in entries /home/user/fuzzing_radare2/radare2/libr/../libr/bin/p/bin_xnu_kernelcache.c:852:2
#6 0x7fd8837bf7f4 in r_bin_object_set_items /home/user/fuzzing_radare2/radare2/libr/bin/bobj.c:317:17
#7 0x7fd8837bec70 in r_bin_object_new /home/user/fuzzing_radare2/radare2/libr/bin/bobj.c:182:2
#8 0x7fd8837b3a72 in r_bin_file_new_from_buffer /home/user/fuzzing_radare2/radare2/libr/bin/bfile.c:613:19
#9 0x7fd883787033 in r_bin_open_buf /home/user/fuzzing_radare2/radare2/libr/bin/bin.c:310:8
#10 0x7fd8837867c3 in r_bin_open_io /home/user/fuzzing_radare2/radare2/libr/bin/bin.c:376:13
#11 0x7fd8870d2107 in r_core_file_do_load_for_io_plugin /home/user/fuzzing_radare2/radare2/libr/core/cfile.c:445:7
#12 0x7fd8870d2107 in r_core_bin_load /home/user/fuzzing_radare2/radare2/libr/core/cfile.c:653:4
#13 0x7fd88827b2ff in binload /home/user/fuzzing_radare2/radare2/libr/main/radare2.c:543:8
#14 0x7fd88827478a in r_main_radare2 /home/user/fuzzing_radare2/radare2/libr/main/radare2.c:1475:10
#15 0x55a6d135c52d in main /home/user/fuzzing_radare2/radare2/binr/radare2/radare2.c:114:9
#16 0x7fd887829d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#17 0x7fd887829e3f in __libc_start_main csu/../csu/libc-start.c:392:3
#18 0x55a6d129e444 in _start (/home/user/fuzzing_radare2/radare2/binr/radare2/radare2+0x1f444) (BuildId: 655cd64f4959101bcf192e77bc6bf062577e0708)
0x6160000086ef is located 6 bytes to the right of 617-byte region [0x616000008480,0x6160000086e9)
allocated by thread T0 here:
#0 0x55a6d1321478 in __interceptor_calloc (/home/user/fuzzing_radare2/radare2/binr/radare2/radare2+0xa2478) (BuildId: 655cd64f4959101bcf192e77bc6bf062577e0708)
#1 0x7fd883ae6389 in process_constructors /home/user/fuzzing_radare2/radare2/libr/../libr/bin/p/bin_xnu_kernelcache.c:981:14
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/user/fuzzing_radare2/radare2/libr/include/r_endian.h:194:17 in r_read_le32
Shadow bytes around the buggy address:
0x0c2c7fff9080: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2c7fff9090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c2c7fff90a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c2c7fff90b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c2c7fff90c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c2c7fff90d0: 00 00 00 00 00 00 00 00 00 00 00 00 00[01]fa fa
0x0c2c7fff90e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2c7fff90f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2c7fff9100: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2c7fff9110: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2c7fff9120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==651889==ABORTING
POC File
https://github.com/gandalf4a/crash_report/blob/main/radare2/rabin2/rabin_hbo_194