rizinorg / rizin

UNIX-like reverse engineering framework and command-line toolset.
https://rizin.re
GNU Lesser General Public License v3.0

SEGV on unknown address when using Ctrl+b in the cmdline #4543

Closed s1gse9v closed 3 months ago

s1gse9v commented 3 months ago

When using Ctrl+b in the commandline to move back the cursor by one char, a SEGV on unknown address occurs.

Work environment

| Questions | Answers |
| --- | --- |
| OS/arch/bits (mandatory) | Debian amd64 |
| File format of the file you reverse (mandatory) | doesn't apply |
| Architecture/bits of the file (mandatory) | doesn't apply |
| rizin -v full output, not truncated (mandatory) | rizin 0.8.0 @ linux-x86-64 commit: 73ade9e5deec2be905decbc0043b6683c76a7258 |

Expected behavior

When typing something in the rizin commandline, pressing Ctrl+b should move the cursor back by one char.

Actual behavior

A SEGV on unknown address occurs. See ASAN output below.

Steps to reproduce the behavior

ASAN output

```
../librz/cons/dietline.c:1225:35: runtime error: member access within null pointer of type 'struct RzLine'
AddressSanitizer:DEADLYSIGNAL
==18658==ERROR: AddressSanitizer: SEGV on unknown address 0x000000001068 (pc 0x7f33b1f28b8c bp 0x7ffc47948e10 sp 0x7ffc47948cc0 T0)
==18658==The signal is caused by a READ memory access.
    #0 0x7f33b1f28b8c in rz_line_readline_cb (/rizin/build_asan/bin/../lib/x86_64-linux-gnu/librz_cons.so.0.8+0x128b8c)
    #1 0x7f33a797c5f9 in rz_core_fgets (/rizin/build_asan/bin/../lib/x86_64-linux-gnu/librz_core.so.0.8+0xd7c5f9)
    #2 0x7f33a7995023 in rz_core_prompt (/rizin/build_asan/bin/../lib/x86_64-linux-gnu/librz_core.so.0.8+0xd95023)
    #3 0x7f33a7995ec9 in rz_core_prompt_loop (/rizin/build_asan/bin/../lib/x86_64-linux-gnu/librz_core.so.0.8+0xd95ec9)
    #4 0x7f33b30d5689 in rz_main_rizin (/rizin/build_asan/bin/../lib/x86_64-linux-gnu/librz_main.so.0.8+0xb3689)
    #5 0x7f33b2e68249  (/lib/x86_64-linux-gnu/libc.so.6+0x27249)
    #6 0x7f33b2e68304 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x27304)
    #7 0x55ee6bf5a970 in _start (/rizin/build_asan/bin/rizin+0x2970)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/rizin/build_asan/bin/../lib/x86_64-linux-gnu/librz_cons.so.0.8+0x128b8c) in rz_line_readline_cb
==18658==ABORTING
```

s1gse9v commented 3 months ago

I'm working on this right now, will submit a PR soon