[Bug 16144] New: Null Pointer Dereference at awk
bugzilla at busybox.net
Tue Aug 6 14:05:20 UTC 2024
https://bugs.busybox.net/show_bug.cgi?id=16144
Bug ID: 16144
Summary: Null Pointer Dereference at awk
Product: Busybox
Version: 1.36.x
Hardware: All
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: Standard Compliance
Assignee: unassigned at busybox.net
Reporter: stasos24 at gmail.com
CC: busybox-cvs at busybox.net
Target Milestone: ---
Created attachment 9769
--> https://bugs.busybox.net/attachment.cgi?id=9769&action=edit
Config.in with sanitizer flags
PoC:
- make defconfig using provided Config.in (added sanitizer flags)
- make
- ln -s ./busybox_unstripped ./awk
- ./awk -f/ , d -- d , d -- r + A ,-- Z X_=
- or: ./awk $(cat ./awk_crash)
ASAN report:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==4140027==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000924cdd bp 0x7ffe3fa442d0 sp 0x7ffe3fa43c80 T0)
==4140027==The signal is caused by a READ memory access.
==4140027==Hint: address points to the zero page.
    #0 0x924cdd in skip_spaces /busybox_orig/editors/awk.c:826:7
    #1 0x91a74b in parse_program /busybox_orig/editors/awk.c:1720:12
    #2 0x4d67bc in run_applet_no_and_exit /busybox_orig/libbb/appletlib.c:968:23
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /busybox_orig/editors/awk.c:826:7 in skip_spaces
==4140027==ABORTING