Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 424390 Details for
Bug 573574
<app-portage/portage-utils-0.62: qfile: stack buffer overflow when using -f/--from
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Asan output
file_573574.txt (text/plain), 9.42 KB, created by
Agostino Sarubbo
on 2016-02-01 10:17:44 UTC
(
hide
)
Description:
Asan output
Filename:
MIME Type:
Creator:
Agostino Sarubbo
Created:
2016-02-01 10:17:44 UTC
Size:
9.42 KB
patch
obsolete
># qfile -f qfile-OOB-crash.log >================================================================= >==12240==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffd067c1ac1 at pc 0x000000495bdc bp 0x7ffd067bd6f0 sp 0x7ffd067bceb0 >READ of size 4095 at 0x7ffd067c1ac1 thread T0 > #0 0x495bdb in strncpy /var/tmp/portage/sys-devel/llvm-3.7.1/work/llvm-3.7.1.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:632:5 > #1 0x4fb5b9 in prepare_qfile_args /tmp/portage/app-portage/portage-utils-0.60/work/portage-utils-0.60/./qfile.c:297:3 > #2 0x4fb5b9 in qfile_main /tmp/portage/app-portage/portage-utils-0.60/work/portage-utils-0.60/./qfile.c:530 > #3 0x4e7f22 in q_main /tmp/portage/app-portage/portage-utils-0.60/work/portage-utils-0.60/./q.c:79:10 > #4 0x4e7afe in main /tmp/portage/app-portage/portage-utils-0.60/work/portage-utils-0.60/main.c:1405:9 > #5 0x7f5ccc29e854 in __libc_start_main /tmp/portage/sys-libs/glibc-2.21-r1/work/glibc-2.21/csu/libc-start.c:289 > #6 0x4192f8 in _init (/usr/bin/q+0x4192f8) > >Address 0x7ffd067c1ac1 is located in stack of thread T0 at offset 17345 in frame > #0 0x4f8b3f in qfile_main /tmp/portage/app-portage/portage-utils-0.60/work/portage-utils-0.60/./qfile.c:394 > > This frame has 10 object(s): > [32, 4128) 'pkg.i' > [4256, 8353) 'rpath.i' > [8624, 8632) 'fullpath.i' > [8656, 8782) 'slot.i' > [8816, 8824) 'slot_hack.i' > [8848, 8856) 'slot_len.i' > [8880, 12977) 'tmppath.i' > [13248, 17345) 'abspath.i' > [17616, 17736) 'state' <== Memory access at offset 17345 partially underflows this variable > [17776, 17784) 'p' <== Memory access at offset 17345 partially underflows this variable >HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext > (longjmp and C++ exceptions *are* supported) >SUMMARY: AddressSanitizer: stack-buffer-overflow /var/tmp/portage/sys-devel/llvm-3.7.1/work/llvm-3.7.1.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:632:5 in strncpy >Shadow bytes around the buggy address: > 0x100020cf0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > 0x100020cf0310: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > 0x100020cf0320: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > 0x100020cf0330: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > 0x100020cf0340: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >=>0x100020cf0350: 00 00 00 00 00 00 00 00[01]f2 f2 f2 f2 f2 f2 f2 > 0x100020cf0360: f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 > 0x100020cf0370: f2 f2 f2 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 > 0x100020cf0380: 00 00 00 00 00 00 00 00 00 f2 f2 f2 f2 f2 00 f3 > 0x100020cf0390: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 > 0x100020cf03a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >Shadow byte legend (one shadow byte represents 8 application bytes): > Addressable: 00 > Partially addressable: 01 02 03 04 05 06 07 > Heap left redzone: fa > Heap right redzone: fb > Freed heap region: fd > Stack left redzone: f1 > Stack mid redzone: f2 > Stack right redzone: f3 > Stack partial redzone: f4 > Stack after return: f5 > Stack use after scope: f8 > Global redzone: f9 > Global init order: f6 > Poisoned by user: f7 > Container overflow: fc > Array cookie: ac > Intra object redzone: bb > ASan internal: fe > Left alloca redzone: ca > Right alloca redzone: cb >==12240==ABORTING
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=424390">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 573574
: 424390
