[Bug 14781] A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function

bugzilla at busybox.net bugzilla at busybox.net
Tue Jun 7 18:40:38 UTC 2022


https://bugs.busybox.net/show_bug.cgi?id=14781

--- Comment #3 from Natanael Copa <ncopa at alpinelinux.org> ---
It does not crash here but valgrind detects it and various other use after
free:

$ echo foo | valgrind ./busybox_unstripped awk '$3i$3in$9=$r||$9=i6/6-9f'
==3430== Memcheck, a memory error detector
==3430== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==3430== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==3430== Command: ./busybox_unstripped awk $3i$3in$9=$r||$9=i6/6-9f
==3430== 
==3430== Invalid read of size 4
==3430==    at 0x195B74: copyvar (awk.c:1064)
==3430==    by 0x196ED1: evaluate (awk.c:3141)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b7510 is 0 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x19698C: evaluate (awk.c:2923)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x19698C: evaluate (awk.c:2923)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 8
==3430==    at 0x195B76: copyvar (awk.c:1066)
==3430==    by 0x196ED1: evaluate (awk.c:3141)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b7520 is 16 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x19698C: evaluate (awk.c:2923)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x19698C: evaluate (awk.c:2923)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 8
==3430==    at 0x195B7B: copyvar (awk.c:1067)
==3430==    by 0x196ED1: evaluate (awk.c:3141)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b7518 is 8 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x19698C: evaluate (awk.c:2923)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x19698C: evaluate (awk.c:2923)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 4
==3430==    at 0x1947E6: getvar_i (awk.c:1023)
==3430==    by 0x194869: is_numeric (awk.c:1082)
==3430==    by 0x194869: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c10 is 0 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid write of size 8
==3430==    at 0x1947EF: getvar_i (awk.c:1024)
==3430==    by 0x194869: is_numeric (awk.c:1082)
==3430==    by 0x194869: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c20 is 16 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 8
==3430==    at 0x1947F7: getvar_i (awk.c:1025)
==3430==    by 0x194869: is_numeric (awk.c:1082)
==3430==    by 0x194869: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c18 is 8 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid write of size 4
==3430==    at 0x194839: getvar_i (awk.c:1039)
==3430==    by 0x194869: is_numeric (awk.c:1082)
==3430==    by 0x194869: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c10 is 0 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 4
==3430==    at 0x19483B: getvar_i (awk.c:1041)
==3430==    by 0x194869: is_numeric (awk.c:1082)
==3430==    by 0x194869: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c10 is 0 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 8
==3430==    at 0x194841: getvar_i (awk.c:1044)
==3430==    by 0x194869: is_numeric (awk.c:1082)
==3430==    by 0x194869: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c20 is 16 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 4
==3430==    at 0x19486A: is_numeric (awk.c:1083)
==3430==    by 0x19486A: istrue (awk.c:1089)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c10 is 0 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== Invalid read of size 8
==3430==    at 0x19488D: istrue (awk.c:1091)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Address 0x48b6c18 is 8 bytes inside a block of size 64 free'd
==3430==    at 0x48A4B0D: free (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x1974EA: evaluate (awk.c:3537)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430==  Block was alloc'd at
==3430==    at 0x48A26D5: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3430==    by 0x117287: xmalloc (xfuncs_printf.c:50)
==3430==    by 0x1172BC: xzalloc (xfuncs_printf.c:71)
==3430==    by 0x1968F6: nvalloc (awk.c:1825)
==3430==    by 0x1968F6: evaluate (awk.c:2877)
==3430==    by 0x1983EB: ptest (awk.c:2227)
==3430==    by 0x196A25: evaluate (awk.c:2951)
==3430==    by 0x19885A: awk_main (awk.c:3713)
==3430==    by 0x11600D: run_applet_no_and_exit (appletlib.c:967)
==3430==    by 0x116331: run_applet_and_exit (appletlib.c:986)
==3430==    by 0x116314: busybox_main (appletlib.c:917)
==3430==    by 0x116314: run_applet_and_exit (appletlib.c:979)
==3430==    by 0x1163AA: main (appletlib.c:1126)
==3430== 
==3430== 
==3430== HEAP SUMMARY:
==3430==     in use at exit: 11,033 bytes in 174 blocks
==3430==   total heap usage: 204 allocs, 30 frees, 13,028 bytes allocated
==3430== 
==3430== LEAK SUMMARY:
==3430==    definitely lost: 0 bytes in 0 blocks
==3430==    indirectly lost: 0 bytes in 0 blocks
==3430==      possibly lost: 11,033 bytes in 174 blocks
==3430==    still reachable: 0 bytes in 0 blocks
==3430==         suppressed: 0 bytes in 0 blocks
==3430== Rerun with --leak-check=full to see details of leaked memory
==3430== 
==3430== For lists of detected and suppressed errors, rerun with: -s
==3430== ERROR SUMMARY: 12 errors from 11 contexts (suppressed: 0 from 0)

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the busybox-cvs mailing list