You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The command below may cause a global buffer overflow error when running catdoc
catdoc / /-v -wbawdd
Test Environment
Ubuntu 20.04, 64 bit catdoc (version: 0.95; )
How to trigger
Compile the program with AddressSanitizer
Run command $ catdoc / /-v -wbawdd
Details
ASAN report
$catdoc / /-v -wbawdd
=================================================================
==3560683==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000e5a820 at pc 0x0000004cfe18 bp 0x7fffffffde30 sp 0x7fffffffde28
WRITE of size 2 at 0x000000e5a820 thread T0
#0 0x4cfe17 in process_file /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/reader.c:177:20 #1 0x4d12a2 in analyze_format /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/analyze.c:38:10 #2 0x4cd221 in main /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/catdoc.c:180:6 #3 0x7ffff7c3b082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16 #4 0x41d44d in _start (/home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/install/bin/catdoc+0x41d44d)
0x000000e5a820 is located 0 bytes to the right of global variable 'buffer' defined in 'reader.c:13:20' (0xdda820) of size 524288
SUMMARY: AddressSanitizer: global-buffer-overflow /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/reader.c:177:20 in process_file
Shadow bytes around the buggy address:
0x0000801c34b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0000801c3500: 00 00 00 00[f9]f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3510: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3520: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3530: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3540: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3550: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==3560683==ABORTING
The text was updated successfully, but these errors were encountered:
The command below may cause a global buffer overflow error when running catdoc
catdoc / /-v -wbawdd
Test Environment
Ubuntu 20.04, 64 bit catdoc (version: 0.95; )
How to trigger
Compile the program with AddressSanitizer
Run command $ catdoc / /-v -wbawdd
Details
ASAN report
$catdoc / /-v -wbawdd
=================================================================
==3560683==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000e5a820 at pc 0x0000004cfe18 bp 0x7fffffffde30 sp 0x7fffffffde28
WRITE of size 2 at 0x000000e5a820 thread T0
#0 0x4cfe17 in process_file /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/reader.c:177:20
#1 0x4d12a2 in analyze_format /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/analyze.c:38:10
#2 0x4cd221 in main /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/catdoc.c:180:6
#3 0x7ffff7c3b082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
#4 0x41d44d in _start (/home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/install/bin/catdoc+0x41d44d)
0x000000e5a820 is located 0 bytes to the right of global variable 'buffer' defined in 'reader.c:13:20' (0xdda820) of size 524288
SUMMARY: AddressSanitizer: global-buffer-overflow /home/ned158/sp/Dataset/Catdoc/catdoc_aflpp/src/reader.c:177:20 in process_file
Shadow bytes around the buggy address:
0x0000801c34b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000801c34f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0000801c3500: 00 00 00 00[f9]f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3510: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3520: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3530: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3540: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
0x0000801c3550: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==3560683==ABORTING
The text was updated successfully, but these errors were encountered: