SIGSEGV on freeing json value #25

mittorn · 2020-05-27T17:45:22Z

jfes_parse_to_value(&config, file, len, &root);
jfes_free_value(&config, &root);

Program received signal SIGSEGV, Segmentation fault.
0x000055555557345a in jfes_free_value (config=0x7ffffff7cdd0, value=0x603000029f80) at jfes.c:1276
1276                    jfes_value_t *item = value->data.array_val->items[i];
(gdb) bt
#0  0x000055555557345a in jfes_free_value (config=0x7ffffff7cdd0, value=0x603000029f80) at jfes.c:1276
#1  0x0000555555573a4c in jfes_free_value (config=0x7ffffff7cdd0, value=0x60300002a040) at jfes.c:1293
#2  0x0000555555573a4c in jfes_free_value (config=0x7ffffff7cdd0, value=0x60300002a1c0) at jfes.c:1293
#3  0x0000555555573a4c in jfes_free_value (config=0x7ffffff7cdd0, value=0x60300002a310) at jfes.c:1293
#4  0x0000555555573483 in jfes_free_value (config=0x7ffffff7cdd0, value=0x60300002a340) at jfes.c:1277
#5  0x0000555555573a4c in jfes_free_value (config=0x7ffffff7cdd0, value=0x7ffffff7ce10) at jfes.c:1293

The text was updated successfully, but these errors were encountered:

mittorn · 2020-05-27T17:49:26Z

jfes.c:437:29: runtime error: signed integer overflow: 500536217 * 10 cannot be represented in type 'int'
1
jfes.c:1276:31: runtime error: load of misaligned address 0xbebebebebebebebe for type 'struct jfes_value_t *', which requires 8 byte alignment
0xbebebebebebebebe: note: pointer points here
<memory cannot be printed>

(gdb) print value->data.array_val->items
$5 = (jfes_value_t **) 0xbebebebebebebebe

asan marked freed bytes by BE

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SIGSEGV on freeing json value #25

SIGSEGV on freeing json value #25

mittorn commented May 27, 2020

mittorn commented May 27, 2020

SIGSEGV on freeing json value #25

SIGSEGV on freeing json value #25

Comments

mittorn commented May 27, 2020

mittorn commented May 27, 2020