
global-buffer-overflow in find_option_type

From: 熊吉思汗
Subject: global-buffer-overflow in find_option_type
Date: Sat, 3 Jun 2023 17:31:59 +0800 (GMT+08:00)

Hello, cflow developers.

We used configFuzzer to find a global-overflow error in find_option_type.

Bug 1: global-buffer-overflow in find_option_type

Command to Reproduce
./cflow -v -T

Stack Trace
==3083937==ERROR: AddressSanitizer: global-buffer-overflow on address 0x5555555b5622 at pc 0x7ffff764fe0d bp 0x7fffffffd870 sp 0x7fffffffd018
READ of size 4 at 0x5555555b5622 thread T0
    #0 0x7ffff764fe0c in __interceptor_memcmp ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:826
    #1 0x555555572953 in find_option_type /home/xjsh/normalFiles/cflow-1.7/src/main.c:243
    #2 0x555555573c86 in set_level_indent /home/xjsh/normalFiles/cflow-1.7/src/main.c:476
    #3 0x555555574191 in parse_opt /home/xjsh/normalFiles/cflow-1.7/src/main.c:577
    #4 0x55555559efdf in group_parse /home/xjsh/normalFiles/cflow-1.7/gnu/argp-parse.c:236
    #5 0x5555555a1e9a in parser_parse_opt /home/xjsh/normalFiles/cflow-1.7/gnu/argp-parse.c:739
    #6 0x5555555a2a72 in parser_parse_next /home/xjsh/normalFiles/cflow-1.7/gnu/argp-parse.c:862
    #7 0x5555555a3088 in argp_parse /home/xjsh/normalFiles/cflow-1.7/gnu/argp-parse.c:930
    #8 0x555555574df1 in main /home/xjsh/normalFiles/cflow-1.7/src/main.c:828
    #9 0x7ffff73a7082 in __libc_start_main ../csu/libc-start.c:308
    #10 0x555555564d1d in _start (/home/xjsh/normalFiles/cflow-1.7/asan_build/bin/cflow+0x10d1d)

0x5555555b5622 is located 0 bytes to the right of global variable '*.LC120' defined in 'main.c' (0x5555555b5620) of size 2
  '*.LC120' is ascii string '0'
0x5555555b5622 is located 62 bytes to the left of global variable '*.LC121' defined in 'main.c' (0x5555555b5660) of size 2
  '*.LC121' is ascii string '1'
SUMMARY: AddressSanitizer: global-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:826 in __interceptor_memcmp

- OS: Ubuntu 20.04.
- gcc 9.4.0
- cflow: 1.7

Note that we configured cflow with address sanitizer:
CFLAGS="-fsanitize=address" ./configure
make -j

Many Thanks.
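The overread pattern the trace points at, as an added illustration that is not cflow's own code: cflow's real find_option_type and its option table are not shown on this page, so the table, the keyword values and both lookup functions below are constructed for the example. It contrasts a lookup that hands memcmp() a caller-supplied length (which can run past a short global literal such as "0", the shape ASan reported) with one that checks the entry length first.

```c
/* Constructed example of the bug class in the report above; not cflow code. */
#include <stddef.h>
#include <string.h>

struct option_type {
    const char *str;   /* keyword as written on the command line */
    int type;          /* value returned for that keyword */
};

/* Constructed table. Short string literals live in read-only global storage,
 * which is what the sanitizer flagged ('*.LC120' is the literal "0"). */
static const struct option_type optype[] = {
    { "0", 1 },
    { "1", 2 },
    { "start", 3 },
    { "end", 4 },
    { NULL, 0 }
};

/* Unsafe pattern: memcmp() compares 'len' bytes unconditionally. If the caller
 * passes a length longer than a table entry (e.g. len = 4 against the 2-byte
 * literal "0"), the read runs off the end of that global string, which is the
 * global-buffer-overflow shown in the trace. Kept only for contrast; never
 * call it with len greater than the shortest entry. */
static int find_option_type_unsafe(const char *str, size_t len)
{
    const struct option_type *p;
    for (p = optype; p->str; p++)
        if (memcmp(p->str, str, len) == 0)
            return p->type;
    return 0;
}

/* Hardened form: require an exact length match before comparing, so memcmp()
 * never reads beyond the table entry. Exact-length matching also stops a
 * longer token such as "0abc" from matching the "0" entry as a prefix. */
static int find_option_type_safe(const char *str, size_t len)
{
    const struct option_type *p;
    if (len == 0)
        len = strlen(str);
    for (p = optype; p->str; p++)
        if (strlen(p->str) == len && memcmp(p->str, str, len) == 0)
            return p->type;
    return 0;
}
```

Building this with -fsanitize=address, as the reporter did, and calling the unsafe variant with a 4-byte length reproduces the same class of report; the safe variant returns 0 for the overlong token instead.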
