Attachment 219761 Details for Bug 251203 – Clang address sanitizer report

Clang address sanitizer report

sanitize-report.txt (text/plain), 4.48 KB, created by Jose Quinteiro on 2020-11-17 04:39:52 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Jose Quinteiro

Created: 2020-11-17 04:39:52 UTC

Size: 4.48 KB

patch

obsolete

>=================================================================
>==8007==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020000051d4 at pc 0x00080063e5f5 bp 0x7fffffffdaf0 sp 0x7fffffffdae8
>READ of size 4 at 0x6020000051d4 thread T0
>    #0 0x80063e5f4 in bdestroy /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:993:22
>    #1 0x3604f3 in get_tm_used /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:207:9
>    #2 0x35fe44 in getvolspace /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:259:13
>    #3 0x35ea9d in getvolparams /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:347:14
>    #4 0x35cbb7 in stat_vol /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:521:17
>    #5 0x303ab3 in afp_over_dsi /home/user1/gitrepos/Netatalk/etc/afpd/afp_dsi.c:627:27
>    #6 0x34c35e in dsi_start /home/user1/gitrepos/Netatalk/etc/afpd/main.c:474:9
>    #7 0x34a983 in main /home/user1/gitrepos/Netatalk/etc/afpd/main.c:417:34
>    #8 0x25a10e in _start /usr/src/lib/csu/amd64/crt1.c:76:7
>
>0x6020000051d4 is located 4 bytes inside of 16-byte region [0x6020000051d0,0x6020000051e0)
>freed by thread T0 here:
>    #0 0x2eee22 in __interceptor_free /usr/src/contrib/compiler-rt/lib/asan/asan_malloc_linux.cc:124:3
>    #1 0x80063e5da in bdestroy /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:1006:2
>    #2 0x3602bb in get_tm_used /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:185:17
>    #3 0x35fe44 in getvolspace /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:259:13
>    #4 0x35ea9d in getvolparams /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:347:14
>    #5 0x35cbb7 in stat_vol /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:521:17
>    #6 0x303ab3 in afp_over_dsi /home/user1/gitrepos/Netatalk/etc/afpd/afp_dsi.c:627:27
>    #7 0x34c35e in dsi_start /home/user1/gitrepos/Netatalk/etc/afpd/main.c:474:9
>    #8 0x34a983 in main /home/user1/gitrepos/Netatalk/etc/afpd/main.c:417:34
>    #9 0x25a10e in _start /usr/src/lib/csu/amd64/crt1.c:76:7
>    #10 0x80038bfff  (<unknown module>)
>
>previously allocated by thread T0 here:
>    #0 0x2ef013 in __interceptor_malloc /usr/src/contrib/compiler-rt/lib/asan/asan_malloc_linux.cc:146:3
>    #1 0x80063dccf in bfromcstralloc /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:221:16
>    #2 0x80064aeb4 in bformat /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:2879:22
>    #3 0x36027f in get_tm_used /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:182:13
>    #4 0x35fe44 in getvolspace /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:259:13
>    #5 0x35ea9d in getvolparams /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:347:14
>    #6 0x35cbb7 in stat_vol /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:521:17
>    #7 0x303ab3 in afp_over_dsi /home/user1/gitrepos/Netatalk/etc/afpd/afp_dsi.c:627:27
>    #8 0x34c35e in dsi_start /home/user1/gitrepos/Netatalk/etc/afpd/main.c:474:9
>    #9 0x34a983 in main /home/user1/gitrepos/Netatalk/etc/afpd/main.c:417:34
>    #10 0x25a10e in _start /usr/src/lib/csu/amd64/crt1.c:76:7
>    #11 0x80038bfff  (<unknown module>)
>
>SUMMARY: AddressSanitizer: heap-use-after-free /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:993:22 in bdestroy
>Shadow bytes around the buggy address:
>  0x4c04000009e0: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa fa 00 00
>  0x4c04000009f0: fa fa 00 00 fa fa 00 00 fa fa 00 fa fa fa 00 00
>  0x4c0400000a00: fa fa 00 fa fa fa 00 00 fa fa 00 fa fa fa 00 00
>  0x4c0400000a10: fa fa 00 fa fa fa fd fd fa fa fd fa fa fa fd fd
>  0x4c0400000a20: fa fa 05 fa fa fa 00 00 fa fa fd fd fa fa fd fd
>=>0x4c0400000a30: fa fa 00 00 fa fa 00 00 fa fa[fd]fd fa fa fd fa
>  0x4c0400000a40: fa fa 05 fa fa fa 02 fa fa fa fa fa fa fa fa fa
>  0x4c0400000a50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>  0x4c0400000a60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>  0x4c0400000a70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>  0x4c0400000a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>Shadow byte legend (one shadow byte represents 8 application bytes):
>  Addressable:           00
>  Partially addressable: 01 02 03 04 05 06 07 
>  Heap left redzone:       fa
>  Freed heap region:       fd
>  Stack left redzone:      f1
>  Stack mid redzone:       f2
>  Stack right redzone:     f3
>  Stack after return:      f5
>  Stack use after scope:   f8
>  Global redzone:          f9
>  Global init order:       f6
>  Poisoned by user:        f7
>  Container overflow:      fc
>  Array cookie:            ac
>  Intra object redzone:    bb
>  ASan internal:           fe
>  Left alloca redzone:     ca
>  Right alloca redzone:    cb
>  Shadow gap:              cc
>==8007==ABORTING

Actions: View

Attachments on bug 251203: 219761 | 219762