cloudwu / pbc

A protocol buffers library for C
MIT License

Segmentation fault in _pbcP_message_default () #120

Open EnchantedJohn opened 6 years ago

EnchantedJohn commented 6 years ago

Hello. I use my company tool. I found two Segmentation Faults. This is the first one. Then I want to provide more information. I hope this will help you guys.

EnchantedJohn commented 6 years ago

Then here is the GDB information:

Starting program: /home/lx/github/6_27/pbc/pbc-master/build_old/decode /home/lx/DIVE/Trunk/bin/hfl/output/14514F865D17766477397D62147F4327E508FB/hfl-crash-164-\{rva_0x2071\}\{code_0xB\}\{access_0x10\}\{decode\}
file : [google.protobuf.FileDescriptorProto]  -> 
name : "test/descriptor.proto"
package : "google.prqtobuf"
message_type : [google.protobuf.DescriptorProto]  -> 
name : "FileD%lf
iptorSet"
field : [google.protobuf.FieldDescriptorProto]  -> 
---------
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
---------

Program received signal SIGSEGV, Segmentation fault.
0x0000000000402071 in _pbcP_message_default ()
(gdb) bt
#0  0x0000000000402071 in _pbcP_message_default ()
#1  0x0000000000403b21 in pbc_rmessage_integer ()
#2  0x00000000004012f9 in _register_field ()
#3  0x0000000000401763 in _register_message ()
#4  0x0000000000401840 in _register_message ()
#5  0x0000000000401c0d in pbc_register ()
#6  0x0000000000400ff5 in test_decode ()
#7  0x0000000000400bed in main ()
(gdb) i r
rax            0x0  0
rbx            0x0  0
rcx            0x0  0
rdx            0x7fffffffdeb0   140737488346800
rsi            0x408057 4227159
rdi            0x0  0
rbp            0x614628 0x614628
rsp            0x7fffffffde90   0x7fffffffde90
r8             0x1  1
r9             0x1f 31
r10            0x7ffff7b55390   140737349243792
r11            0x7ffff7b9bb01   140737349532417
r12            0x0  0
r13            0x408057 4227159
r14            0x614410 6374416
r15            0x1  1
rip            0x402071 0x402071 <_pbcP_message_default+1>
eflags         0x10246  [ PF ZF IF RF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0
(gdb) x/10i $pc
=> 0x402071 <_pbcP_message_default+1>:  mov    0x10(%rdi),%rdi
   0x402075 <_pbcP_message_default+5>:  mov    %rdx,%rbx
   0x402078 <_pbcP_message_default+8>:  callq  0x402cb0 <_pbcM_sp_query>
   0x40207d <_pbcP_message_default+13>: test   %rax,%rax
   0x402080 <_pbcP_message_default+16>: je     0x402096 <_pbcP_message_default+38>
   0x402082 <_pbcP_message_default+18>: mov    0x18(%rax),%rsi
   0x402086 <_pbcP_message_default+22>: mov    0x20(%rax),%rdi
   0x40208a <_pbcP_message_default+26>: mov    0x10(%rax),%eax
   0x40208d <_pbcP_message_default+29>: mov    %rsi,(%rbx)
   0x402090 <_pbcP_message_default+32>: mov    %rdi,0x8(%rbx)
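
As an added crash-triage example (not code from the pbc project or from the reporter), the script below parses the `i r` and `x/10i $pc` output above and resolves the faulting access: the instruction at `_pbcP_message_default+1` reads `0x10(%rdi)` with `%rdi` equal to 0, so the fault is a read from address 0x10, which matches the `{access_0x10}` tag in the crash file name. The embedded log excerpt is constructed from the session in this report; the parsing assumes GDB's AT&T disassembly syntax.

```python
import re

# Constructed excerpt of the GDB session in the report (register dump and
# faulting instruction); the full pasted session parses the same way.
GDB_LOG = """\
Program received signal SIGSEGV, Segmentation fault.
0x0000000000402071 in _pbcP_message_default ()
(gdb) i r
rax            0x0  0
rdx            0x7fffffffdeb0   140737488346800
rdi            0x0  0
rip            0x402071 0x402071 <_pbcP_message_default+1>
(gdb) x/10i $pc
=> 0x402071 <_pbcP_message_default+1>:  mov    0x10(%rdi),%rdi
   0x402075 <_pbcP_message_default+5>:  mov    %rdx,%rbx
"""

REG_RE = re.compile(r"^([a-z0-9]+)\s+(0x[0-9a-f]+)", re.M)
FAULT_RE = re.compile(r"^=> 0x[0-9a-f]+ <([^>]+)>:\s+(\w+)\s+(.+)$", re.M)
# AT&T memory operand: disp(base,index,scale); disp, index and scale are optional.
MEM_RE = re.compile(r"(-?0x[0-9a-f]+|-?\d+)?\((%\w+)(?:,(%\w+)(?:,(\d))?)?\)")

def parse_registers(log):
    """Map register name -> value from 'info registers' output."""
    return {m.group(1): int(m.group(2), 16) for m in REG_RE.finditer(log)}

def triage(log, null_page=0x1000):
    """Resolve the memory address touched by the faulting instruction of a SIGSEGV."""
    regs = parse_registers(log)
    fault = FAULT_RE.search(log)
    if not fault:
        return None
    symbol, mnemonic, operands = fault.groups()
    mem = MEM_RE.search(operands)
    if not mem:
        return {"symbol": symbol, "classification": "no memory operand"}
    disp, base, index, scale = mem.groups()
    base_val = regs.get(base.lstrip("%"))
    if base_val is None:
        return {"symbol": symbol, "classification": "base register not in dump"}
    addr = base_val + (int(disp, 0) if disp else 0)
    if index:
        addr += regs.get(index.lstrip("%"), 0) * int(scale or "1")
    # AT&T order is source, destination: a memory operand in last position is written.
    access = "write" if mem.end() == len(operands) else "read"
    classification = "near-NULL" if addr < null_page else "wild pointer"
    return {"symbol": symbol, "insn": f"{mnemonic} {operands}",
            "base": base.lstrip("%"), "base_value": base_val,
            "address": addr, "access": access, "classification": classification}
```

A near-NULL read at a small offset points at a missing NULL check on the looked-up message pointer rather than at heap corruption, which is the useful distinction when prioritising fuzzer findings.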

NicoleG25 commented 4 years ago

Assigned CVE-2018-12916

Any plans for a fix?