[Bug 16150] New: Write of bounds at popmaildir
bugzilla at busybox.net
bugzilla at busybox.net
Sun Aug 11 07:57:29 UTC 2024
https://bugs.busybox.net/show_bug.cgi?id=16150
Bug ID: 16150
Summary: Write of bounds at popmaildir
Product: Busybox
Version: 1.36.x
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Standard Compliance
Assignee: unassigned at busybox.net
Reporter: stasos24 at gmail.com
CC: busybox-cvs at busybox.net
Target Milestone: ---
Created attachment 9787
--> https://bugs.busybox.net/attachment.cgi?id=9787&action=edit
Config.in with sanitizer flags
PoC:
- build busybox with sanitizer flags
- use provided commands below
./popmaildir �� -R7 0 A�
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1371788==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x558ac34e1e07 bp 0x7ffc80a4e400 sp 0x7ffc80a4dd00 T0)
==1371788==The signal is caused by a WRITE memory access.
==1371788==Hint: address points to the zero page.
#0 0x558ac34e1e07 in vgetopt32 libbb/getopt32.c:567
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV libbb/getopt32.c:567 in vgetopt32
==1371788==ABORTING
./popmaildir @ -d
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1371814==ERROR: AddressSanitizer: SEGV on unknown address 0x55dcac56b020 (pc
0x55dcac53fd18 bp 0x7ffc6b385080 sp 0x7ffc6b384980 T0)
==1371814==The signal is caused by a WRITE memory access.
#0 0x55dcac53fd18 in vgetopt32 libbb/getopt32.c:561
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV libbb/getopt32.c:561 in vgetopt32
==1371814==ABORTING
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list