The Samba-Bugzilla – Attachment 15130 Details for
Bug 13934
AddressSanitizer: heap-buffer-overflow in check_tdb_action
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
ASAN error report
asan_009.txt (text/plain), 4.51 KB, created by
Gary Lockyer
on 2019-05-08 22:06:06 UTC
(
hide
)
Description:
ASAN error report
Filename:
MIME Type:
Creator:
Gary Lockyer
Created:
2019-05-08 22:06:06 UTC
Size:
4.51 KB
patch
obsolete
>[439(3531)/2471 at 1h4s, 2 errors] samba3.blackbox.net.local.registry(nt4_dc:local) >^[OS[440(3550)/2471 at 1h10s, 2 errors] samba3.blackbox.net.registry.check(nt4_dc:local) >UNEXPECTED(failure): samba3.blackbox.net.registry.check.simple(nt4_dc:local) >REASON: Exception: Exception: ================================================================= > ==13640==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60b000012165 at pc 0x7fd12c0dcf54 bp 0x7fffdd10ff30 sp 0x7fffdd10f6d8 READ of size 22 at 0x60b000012165 thread T0 #0 0x7fd12c0dcf53 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53) > #1 0x7fd1298d9da1 in srprs_str ../../source3/lib/srprs.c:52 > #2 0x5586f9d3b225 in check_tdb_action ../../source3/utils/net_registry_check.c:737 > #3 0x7fd123022da8 in db_tdb_traverse_read_func ../../lib/dbwrap/dbwrap_tdb.c:386 > #4 0x7fd12abb5e7d in tdb_traverse_internal ../../lib/tdb/common/traverse.c:222 #5 > 0x7fd12abb63ee in tdb_traverse_read ../../lib/tdb/common/traverse.c:254 > #6 0x7fd12302393a in db_tdb_traverse_read ../../lib/dbwrap/dbwrap_tdb.c:400 > #7 0x7fd12301b515 in dbwrap_traverse_read ../../lib/dbwrap/dbwrap.c:376 > #8 0x5586f9d3d473 in net_registry_check_db ../../source3/utils/net_registry_check.c:1290 > #9 0x5586f9d301ec in net_registry_check ../../source3/utils/net_registry.c:1546 > #10 0x5586f9d22d58 in net_run_function ../../source3/utils/net_util.c:509 > #11 0x5586f9d37cae in net_registry ../../source3/utils/net_registry.c:1716 > #12 0x5586f9d22d58 in net_run_function ../../source3/utils/net_util.c:509 > #13 0x5586f9c8a381 in main ../../source3/utils/net.c:1391 > #14 0x7fd120e25b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) > #15 0x5586f9c69379 in _start (/home/gary/projects/samba04/bin/default/source3/utils/net+0x90379) 0x60b000012165 is located 0 bytes to the right of 101-byte region [0x60b000012100,0x60b000012165) allocated by thread T0 here: > #0 0x7fd12c10bb50 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb50) > #1 0x7fd12a734b1f in __talloc_with_prefix ../../lib/talloc/talloc.c:782 > #2 0x7fd12a734b1f in __talloc ../../lib/talloc/talloc.c:824 > #3 0x7fd12a734b1f in __talloc_strlendup ../../lib/talloc/talloc.c:2455 > #4 0x7fd12a734b1f in talloc_strndup ../../lib/talloc/talloc.c:2480 > #5 0x5586f9d3b05f in check_tdb_action ../../source3/utils/net_registry_check.c:725 > #6 0x7fd123022da8 in db_tdb_traverse_read_func ../../lib/dbwrap/dbwrap_tdb.c:386 > #7 0x7fd12abb5e7d in tdb_traverse_internal ../../lib/tdb/common/traverse.c:222 > #8 0x7fd12abb63ee in tdb_traverse_read ../../lib/tdb/common/traverse.c:254 > #9 0x7fd12302393a in db_tdb_traverse_read ../../lib/dbwrap/dbwrap_tdb.c:400 > #10 0x7fd12301b515 in dbwrap_traverse_read ../../lib/dbwrap/dbwrap.c:376 > #11 0x5586f9d3d473 in net_registry_check_db ../../source3/utils/net_registry_check.c:1290 > #12 0x5586f9d301ec in net_registry_check ../../source3/utils/net_registry.c:1546 > #13 0x5586f9d22d58 in net_run_function ../../source3/utils/net_util.c:509 > #14 0x5586f9d37cae in net_registry ../../source3/utils/net_registry.c:1716 > #15 0x5586f9d22d58 in net_run_function ../../source3/utils/net_util.c:509 > #16 0x5586f9c8a381 in main ../../source3/utils/net.c:1391 > #17 0x7fd120e25b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) > > SUMMARY: AddressSanitizer: heap-buffer-overflow (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53) Shadow bytes around the buggy address: 0x0c167fffa3d0: fd fd fd fd fd fa fa fa fa fa fa fa fa fa fd fd 0x0c167fffa3e0: fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa 0x0c167fffa3f0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd 0x0c167fffa400: fd fd fa fa fa fa fa fa fa fa fd fd fd fd fd fd 0x0c167fffa410: fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa =>0x0c167fffa420: 00 00 00 00 00 00 00 00 00 00 00 00[05]fa fa fa 0x0c167fffa430: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c167fffa440: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c167fffa450: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c167fffa460: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c167fffa470: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==13640==ABORTING >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 13934
: 15130