DEADLYSIGNAL on mjs.c:6275 #295

Open
LowryLan opened this issue Oct 29, 2024 · 0 comments
Environment

Ubuntu 20.04, 64-bit

Steps to reproduce

  1. version
     9eae0e6
  2. compile with ASAN
     `gcc -DMJS_MAIN mjs.c -fsanitize=address -ldl -g -o mjs-bin`
  3. command for reproducing the error
     `mjs-bin -f poc`

Download poc:
mjs_invalid-memory-read_mjs6275.zip

ASAN info:

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==239472==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x7f07ef24cdcd bp 0x7ffd13f032e8 sp 0x7ffd13f03298 T0)
==239472==The signal is caused by a READ memory access.
==239472==Hint: this fault was caused by a dereference of a high value address (see register values below).  Dissassemble the provided pc to learn which register was used.
    #0 0x7f07ef24cdcd in _IO_str_init_static_internal /build/glibc-LcI20x/glibc-2.31/libio/strops.c:46
    #1 0x7f07ef244f89 in __vsnprintf_internal /build/glibc-LcI20x/glibc-2.31/libio/vsnprintf.c:113
    #2 0x7f07ef40f30d in __interceptor___vsnprintf_chk ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1669
    #3 0x563cfda6f710 in vsnprintf /usr/include/x86_64-linux-gnu/bits/stdio2.h:80
    #4 0x563cfda6f710 in json_vprintf /home/lowry/Documents/HTFuzz/program/mjs/code/mjs.c:6275
    #5 0x563cfda723fe in json_printf /home/lowry/Documents/HTFuzz/program/mjs/code/mjs.c:6372
    #6 0x563cfda96a5e in mjs_jprintf /home/lowry/Documents/HTFuzz/program/mjs/code/mjs.c:14408
    #7 0x563cfda97250 in mjs_fprintf /home/lowry/Documents/HTFuzz/program/mjs/code/mjs.c:14445
    #8 0x563cfda97250 in mjs_print /home/lowry/Documents/HTFuzz/program/mjs/code/mjs.c:7995
    #9 0xfffa27e0867  (<unknown module>)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /build/glibc-LcI20x/glibc-2.31/libio/strops.c:46 in _IO_str_init_static_internal
==239472==ABORTING
```