PSPP-BUG: [bug #58596] Null ptr deref in preprocess

From: Andrea Fioraldi
Subject: PSPP-BUG: [bug #58596] Null ptr deref in preprocess
Date: Wed, 17 Jun 2020 04:27:24 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0


                 Summary: Null ptr deref in preprocess
                 Project: PSPP
            Submitted by: andreafioraldi
            Submitted on: Wed 17 Jun 2020 08:27:23 AM UTC
                Category: Syntax Parser
                Severity: 5 - Average
                  Status: None
             Assigned to: None
             Open/Closed: Open
                 Release: None
         Discussion Lock: Any
                  Effort: 0.00



The ASan report for this bug is not very informative:

==119403==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x00000065b9da
bp 0x000000000000 sp 0x7fffffffdbe0 T0)
==119403==The signal is caused by a READ memory access.
==119403==Hint: this fault was caused by a dereference of a high value address
(see register values below).  Dissassemble the provided pc to learn which
register was used.
    #0 0x65b9da in preprocess
    #1 0x53d557 in data_parser_make_active_file
    #2 0x657814 in cmd_matrix
    #3 0x4d048b in do_parse_command
    #4 0x4d048b in cmd_parse_in_state
    #5 0x4c9df6 in main /home/andreaf/real/pspp/src/ui/terminal/main.c:138:20
    #6 0x7ffff61a5b96 in __libc_start_main
    #7 0x421499 in _start (/home/andreaf/real/pspp/pspp_afl+0x421499)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/home/andreaf/real/pspp/src/language/data-io/matrix-data.c:353:19 in

With GDB you can easily see that matrices is NULL.

Program received signal SIGSEGV, Segmentation fault.
preprocess (casereader0=<optimized out>, dict=0x612000000ac0, aux=<optimized
out>) at src/language/data-io/matrix-data.c:353
353               dest_val->f = (matrices[n_splits - 1]) [col +
mformat->n_continuous_vars * row];
(gdb) p matrices 
$4 = (double **) 0x0


File Attachments:

Date: Wed 17 Jun 2020 08:27:23 AM UTC  Name: null_ptr_2  Size: 4KiB   By:
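
A guarded form of the read that faults at matrix-data.c:353, as an added example that is not part of the original report and not PSPP's own code or fix. The helper read_cell, the cut-down struct mformat, the size_t types and the n x n bounds check are assumptions; the report shows only that matrices is NULL, not the value or type of n_splits.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for the format struct; only the field used on
   line 353 of the report is modelled. */
struct mformat { size_t n_continuous_vars; };

/* Checked version of the faulting read
     matrices[n_splits - 1][col + mformat->n_continuous_vars * row]
   Returns false instead of dereferencing when the table is missing,
   empty, or the cell index is out of range. */
static bool
read_cell (double *const *matrices, size_t n_splits,
           const struct mformat *mf, size_t row, size_t col, double *out)
{
  /* matrices == NULL is the state gdb shows.  n_splits == 0 is checked
     too: with an unsigned n_splits (assumed), n_splits - 1 would wrap. */
  if (matrices == NULL || n_splits == 0)
    return false;
  const double *m = matrices[n_splits - 1];
  if (m == NULL)
    return false;
  size_t n = mf->n_continuous_vars;
  if (row >= n || col >= n)                /* assumes an n x n matrix */
    return false;
  *out = m[col + n * row];
  return true;
}

int
main (void)
{
  struct mformat mf = { 2 };
  double cells[4] = { 1.0, 0.5, 0.5, 1.0 };   /* constructed sample data */
  double *table[1] = { cells };
  double v = 0.0;

  printf ("NULL table: %d\n", read_cell (NULL, 0, &mf, 0, 1, &v));
  printf ("valid read: %d (%.1f)\n", read_cell (table, 1, &mf, 0, 1, &v), v);
  return 0;
}
```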


