Re: A heap-buffer-overflow in convert_strings
From: Thomas Dickey
Subject: Re: A heap-buffer-overflow in convert_strings
Date: Sat, 22 Aug 2020 16:45:01 -0400
User-agent: NeoMutt/20170113 (1.7.2)

On Thu, Aug 20, 2020 at 11:10:42AM +0800, 乐泰 wrote:
> Reporter: Tai
>
>
> Version: ncurses-6.2
> Command: toe
>
> Environment: Ubuntu 16.04 x86-64
...
> ==10095==ERROR: AddressSanitizer: heap-buffer-overflow on address
> 0x616000036add at pc 0x00000040278c bp 0x7ffdd40b20d0 sp 0x7ffdd40b20c0

as noted, not a buffer "overflow"

> READ of size 1 at 0x616000036add thread T0
>
> #0 0x40278b in convert_strings ../../ncurses/tinfo/read_entry.c:164
> #1 0x41523c in _nc_read_termtype ../../ncurses/tinfo/read_entry.c:371
> #2 0x41523c in _nc_read_file_entry ../../ncurses/tinfo/read_entry.c:567
> #3 0x407914 in typelist ../../progs/toe.c:438
> #4 0x404359 in main ../../progs/toe.c:735
> #5 0x7fc3756b782f in __libc_start_main
> (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
> #6 0x4056b8 in _start
> (/home/ubuntu/yuetai/test_programs/ncurses-6.2/asan-ins/bin/bin/toe+0x4056b8)

I'm not able to reproduce this using Debian 9, using either ncurses 6.2
or the current (20200808) snapshot.
If it's an Ubuntu-specific problem, Ubuntu has its own bug-reporting system.
--
Thomas E. Dickey <dickey@invisible-island.net>
https://invisible-island.net
ftp://ftp.invisible-island.net