FreeBSD Bugzilla – Attachment 219761 Details for Bug 251203: net/netatalk3 Use after free in get_tm_used()
Clang address sanitizer report
sanitize-report.txt (text/plain), 4.48 KB, created by Jose Quinteiro on 2020-11-17 04:39:52 UTC
>=================================================================
>==8007==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020000051d4 at pc 0x00080063e5f5 bp 0x7fffffffdaf0 sp 0x7fffffffdae8
>READ of size 4 at 0x6020000051d4 thread T0
>    #0 0x80063e5f4 in bdestroy /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:993:22
>    #1 0x3604f3 in get_tm_used /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:207:9
>    #2 0x35fe44 in getvolspace /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:259:13
>    #3 0x35ea9d in getvolparams /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:347:14
>    #4 0x35cbb7 in stat_vol /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:521:17
>    #5 0x303ab3 in afp_over_dsi /home/user1/gitrepos/Netatalk/etc/afpd/afp_dsi.c:627:27
>    #6 0x34c35e in dsi_start /home/user1/gitrepos/Netatalk/etc/afpd/main.c:474:9
>    #7 0x34a983 in main /home/user1/gitrepos/Netatalk/etc/afpd/main.c:417:34
>    #8 0x25a10e in _start /usr/src/lib/csu/amd64/crt1.c:76:7
>
>0x6020000051d4 is located 4 bytes inside of 16-byte region [0x6020000051d0,0x6020000051e0)
>freed by thread T0 here:
>    #0 0x2eee22 in __interceptor_free /usr/src/contrib/compiler-rt/lib/asan/asan_malloc_linux.cc:124:3
>    #1 0x80063e5da in bdestroy /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:1006:2
>    #2 0x3602bb in get_tm_used /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:185:17
>    #3 0x35fe44 in getvolspace /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:259:13
>    #4 0x35ea9d in getvolparams /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:347:14
>    #5 0x35cbb7 in stat_vol /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:521:17
>    #6 0x303ab3 in afp_over_dsi /home/user1/gitrepos/Netatalk/etc/afpd/afp_dsi.c:627:27
>    #7 0x34c35e in dsi_start /home/user1/gitrepos/Netatalk/etc/afpd/main.c:474:9
>    #8 0x34a983 in main /home/user1/gitrepos/Netatalk/etc/afpd/main.c:417:34
>    #9 0x25a10e in _start /usr/src/lib/csu/amd64/crt1.c:76:7
>    #10 0x80038bfff (<unknown module>)
>
>previously allocated by thread T0 here:
>    #0 0x2ef013 in __interceptor_malloc /usr/src/contrib/compiler-rt/lib/asan/asan_malloc_linux.cc:146:3
>    #1 0x80063dccf in bfromcstralloc /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:221:16
>    #2 0x80064aeb4 in bformat /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:2879:22
>    #3 0x36027f in get_tm_used /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:182:13
>    #4 0x35fe44 in getvolspace /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:259:13
>    #5 0x35ea9d in getvolparams /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:347:14
>    #6 0x35cbb7 in stat_vol /home/user1/gitrepos/Netatalk/etc/afpd/volume.c:521:17
>    #7 0x303ab3 in afp_over_dsi /home/user1/gitrepos/Netatalk/etc/afpd/afp_dsi.c:627:27
>    #8 0x34c35e in dsi_start /home/user1/gitrepos/Netatalk/etc/afpd/main.c:474:9
>    #9 0x34a983 in main /home/user1/gitrepos/Netatalk/etc/afpd/main.c:417:34
>    #10 0x25a10e in _start /usr/src/lib/csu/amd64/crt1.c:76:7
>    #11 0x80038bfff (<unknown module>)
>
>SUMMARY: AddressSanitizer: heap-use-after-free /home/user1/gitrepos/Netatalk/libatalk/bstring/bstrlib.c:993:22 in bdestroy
>Shadow bytes around the buggy address:
>  0x4c04000009e0: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa fa 00 00
>  0x4c04000009f0: fa fa 00 00 fa fa 00 00 fa fa 00 fa fa fa 00 00
>  0x4c0400000a00: fa fa 00 fa fa fa 00 00 fa fa 00 fa fa fa 00 00
>  0x4c0400000a10: fa fa 00 fa fa fa fd fd fa fa fd fa fa fa fd fd
>  0x4c0400000a20: fa fa 05 fa fa fa 00 00 fa fa fd fd fa fa fd fd
>=>0x4c0400000a30: fa fa 00 00 fa fa 00 00 fa fa[fd]fd fa fa fd fa
>  0x4c0400000a40: fa fa 05 fa fa fa 02 fa fa fa fa fa fa fa fa fa
>  0x4c0400000a50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>  0x4c0400000a60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>  0x4c0400000a70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>  0x4c0400000a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>Shadow byte legend (one shadow byte represents 8 application bytes):
>  Addressable: 00
>  Partially addressable: 01 02 03 04 05 06 07
>  Heap left redzone: fa
>  Freed heap region: fd
>  Stack left redzone: f1
>  Stack mid redzone: f2
>  Stack right redzone: f3
>  Stack after return: f5
>  Stack use after scope: f8
>  Global redzone: f9
>  Global init order: f6
>  Poisoned by user: f7
>  Container overflow: fc
>  Array cookie: ac
>  Intra object redzone: bb
>  ASan internal: fe
>  Left alloca redzone: ca
>  Right alloca redzone: cb
>  Shadow gap: cc
>==8007==ABORTING