Closed CodeLogicError closed 9 months ago
Hello,
more details are needed. If this bug is not exploitable, it is unlikely to be addressed quickly.
Using a Linux machine with 32 GB of RAM, we do not encounter any bugs during a stress-test session with 2 ASAN-enabled binaries built with GCC and Clang. The environment was: Linux Mint 21.2, kernel 6.2.0-39-generic, clang version 14.0.0-1ubuntu1.1, gcc version 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04).
The stress script used eight curls in parallel to list the /lib directory.
As I see it, @CodeLogicError was using a newer clang version. Sometimes using too new a compiler is not a good idea. Closing as can't reproduce / won't use an unstable compiler.
I tried adding ASAN to LightFTP and fuzzing LightFTP. I used CC=clang (16.0.6) and CFLAGS -fsanitize=address, and built it with cd Source/debug and make. When I continuously sent FTP login and list commands, it crashed.
I used gdb to show what happened. It might happen when Source/ftpserv.c:535 clientsocket = create_datasocket(context); and Source/ftpserv.c:137 clientsocket = accept(context->DataSocket, (struct sockaddr *)&laddr, &asz); run: the stack is not well, as if pthread_cleanup_push destroyed the stack. The memory is munmap'ed; I don't know what happened. Then the Source/ftpserv.c:137 cleanup_handler function runs. The memory is already munmap'ed, so it crashes. If ASAN is not added, it might use the same memory, so it does not crash.