[Bug 8721] New: AddressSanitizer: READ of size 1 in path_advance shell/ash.c:2391

bugzilla at busybox.net bugzilla at busybox.net
Thu Feb 25 20:57:09 UTC 2016


https://bugs.busybox.net/show_bug.cgi?id=8721

            Bug ID: 8721
           Summary: AddressSanitizer: READ of size 1 in path_advance
                    shell/ash.c:2391
           Product: Busybox
           Version: 1.24.x
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Other
          Assignee: unassigned at busybox.net
          Reporter: fernando at null-life.com
                CC: busybox-cvs at busybox.net
  Target Milestone: ---

Created attachment 6356
  --> https://bugs.busybox.net/attachment.cgi?id=6356&action=edit
minimized test case

test at kali:/root/fuzzshell$ ./busybox_unstripped sh min2.sh
=================================================================
==14108==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xb4f00256 at pc 0x08078d6a bp 0xbfffe8d8 sp 0xbfffe8cc
READ of size 1 at 0xb4f00256 thread T0
    #0 0x8078d69 in path_advance shell/ash.c:2391

0xb4f00256 is located 0 bytes to the right of 6-byte region [0xb4f00250,0xb4f00256)
allocated by thread T0 here:
    #0 0xb7afa25e in __interceptor_malloc (/usr/lib/i386-linux-gnu/libasan.so.2+0x9225e)
    #1 0x811d83f in xmalloc libbb/xfuncs_printf.c:47

SUMMARY: AddressSanitizer: heap-buffer-overflow shell/ash.c:2391 path_advance
Shadow bytes around the buggy address:
