Open fCorleone opened 6 years ago
When I ran the program addressbook, ASAN found a global buffer overflow:
```
=================================================================
==545==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000004391a7 at pc 0x00000041ade3 bp 0x7ffcea768b30 sp 0x7ffcea768b20
READ of size 1 at 0x0000004391a7 thread T0
    #0 0x41ade2 in pbc_wmessage_string src/wmessage.c:300
    #1 0x4022a8 in test_wmessage ../test/addressbook.c:78
    #2 0x402500 in main ../test/addressbook.c:105
    #3 0x7f034e49982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #4 0x401618 in _start (/home/mfc_fuzz/pbc/build/addressbook+0x401618)

0x0000004391a7 is located 0 bytes to the right of global variable '*.LC25' defined in '../test/addressbook.c' (0x4391a0) of size 7
  '*.LC25' is ascii string 'MOBILE'
SUMMARY: AddressSanitizer: global-buffer-overflow src/wmessage.c:300 pbc_wmessage_string
Shadow bytes around the buggy address:
  0x00008007f1e0: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9
  0x00008007f1f0: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 07 f9 f9
  0x00008007f200: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00 00 00 f9
  0x00008007f210: f9 f9 f9 f9 06 f9 f9 f9 f9 f9 f9 f9 00 05 f9 f9
  0x00008007f220: f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9 00 04 f9 f9
=>0x00008007f230: f9 f9 f9 f9[07]f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x00008007f240: 00 07 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
  0x00008007f250: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008007f260: 00 00 00 00 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9
  0x00008007f270: 05 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9
  0x00008007f280: 01 f9 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
==545==ABORTING
```