This repository has been archived by the owner on Nov 28, 2022. It is now read-only.

Segmentation fault in _pbcP_message_default () #120

Open
EnchantedJohn opened this issue Jun 27, 2018 · 2 comments

@EnchantedJohn

Hello. I used my company's tool and found two segmentation faults. This is the first one; I will provide more information below. I hope it helps you guys.

@EnchantedJohn
Author

Here is the GDB information:

Starting program: /home/lx/github/6_27/pbc/pbc-master/build_old/decode /home/lx/DIVE/Trunk/bin/hfl/output/14514F865D17766477397D62147F4327E508FB/hfl-crash-164-\{rva_0x2071\}\{code_0xB\}\{access_0x10\}\{decode\}
file : [google.protobuf.FileDescriptorProto]  -> 
name : "test/descriptor.proto"
package : "google.prqtobuf"
message_type : [google.protobuf.DescriptorProto]  -> 
name : "FileD%lf
iptorSet"
field : [google.protobuf.FieldDescriptorProto]  -> 
---------
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
message_type : [google.protobuf.DescriptorProto]  -> 
---------
---------

Program received signal SIGSEGV, Segmentation fault.
0x0000000000402071 in _pbcP_message_default ()
(gdb) bt
#0  0x0000000000402071 in _pbcP_message_default ()
#1  0x0000000000403b21 in pbc_rmessage_integer ()
#2  0x00000000004012f9 in _register_field ()
#3  0x0000000000401763 in _register_message ()
#4  0x0000000000401840 in _register_message ()
#5  0x0000000000401c0d in pbc_register ()
#6  0x0000000000400ff5 in test_decode ()
#7  0x0000000000400bed in main ()
(gdb) i r
rax            0x0	0
rbx            0x0	0
rcx            0x0	0
rdx            0x7fffffffdeb0	140737488346800
rsi            0x408057	4227159
rdi            0x0	0
rbp            0x614628	0x614628
rsp            0x7fffffffde90	0x7fffffffde90
r8             0x1	1
r9             0x1f	31
r10            0x7ffff7b55390	140737349243792
r11            0x7ffff7b9bb01	140737349532417
r12            0x0	0
r13            0x408057	4227159
r14            0x614410	6374416
r15            0x1	1
rip            0x402071	0x402071 <_pbcP_message_default+1>
eflags         0x10246	[ PF ZF IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
(gdb) x/10i $pc
=> 0x402071 <_pbcP_message_default+1>:	mov    0x10(%rdi),%rdi
   0x402075 <_pbcP_message_default+5>:	mov    %rdx,%rbx
   0x402078 <_pbcP_message_default+8>:	callq  0x402cb0 <_pbcM_sp_query>
   0x40207d <_pbcP_message_default+13>:	test   %rax,%rax
   0x402080 <_pbcP_message_default+16>:	je     0x402096 <_pbcP_message_default+38>
   0x402082 <_pbcP_message_default+18>:	mov    0x18(%rax),%rsi
   0x402086 <_pbcP_message_default+22>:	mov    0x20(%rax),%rdi
   0x40208a <_pbcP_message_default+26>:	mov    0x10(%rax),%eax
   0x40208d <_pbcP_message_default+29>:	mov    %rsi,(%rbx)
   0x402090 <_pbcP_message_default+32>:	mov    %rdi,0x8(%rbx)

@NicoleG25

Assigned CVE-2018-12916

Any plans for a fix?
