
anal crash #1781

Closed
crowell opened this issue Dec 4, 2014 · 2 comments


crowell commented Dec 4, 2014

minishwoods ~/crashes » r2 ./id:000050,sig:11,src:000332,op:havoc,rep:4 -A
Warning: read (strtab) at 0xe00f0000
Warning: Cannot initialize strings table
[1]    2992 segmentation fault (core dumped)  r2 ./id:000050,sig:11,src:000332,op:havoc,rep:4 -A

backtrace

#0  memset () at ../sysdeps/x86_64/memset.S:78
#1  0x00007ffff5ea8836 in r_io_read_at (io=0x6a3270, addr=0xfffffffffffff167, buf=0x7fffffff3bb0 "ab", 
    len=0x1ff10057) at io.c:471
#2  0x00007ffff67c987a in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x8048165, buf=0x7fffffff5d50 "rtab", 
    len=0x1fa0, depth=0xd) at fcn.c:445
#3  0x00007ffff67c98b0 in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x8048163, 
    buf=0x7fffffff7ef0 "strtab", len=0x1fa0, depth=0xe) at fcn.c:445
#4  0x00007ffff67c98b0 in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x804815d, buf=0x7fffffffa090 "d", 
    len=0x1fa0, depth=0xf) at fcn.c:445
#5  0x00007ffff67c98b0 in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x8048153, buf=0x6fcd30 "hello world", 
    len=0x1000, depth=0x10) at fcn.c:445
#6  0x00007ffff67c9caf in r_anal_fcn (anal=0x67fd10, fcn=0x6f9760, addr=0x8048153, buf=0x6fcd30 "hello world", 
    len=0x1000, reftype=0x0) at fcn.c:516
#7  0x00007ffff7b87dcf in r_core_anal_fcn (core=0x607580 <r>, at=0x8048153, from=0xffffffffffffffff, 
    reftype=0x0, depth=0xe) at anal.c:782
#8  0x00007ffff7b883d2 in r_core_anal_fcn (core=0x607580 <r>, at=0x8048076, from=0xffffffffffffffff, 
    reftype=0x0, depth=0xf) at anal.c:911
#9  0x00007ffff7b883d2 in r_core_anal_fcn (core=0x607580 <r>, at=0x8048074, from=0xffffffffffffffff, 
    reftype=0x0, depth=0x10) at anal.c:911
#10 0x00007ffff7b8abc9 in r_core_anal_all (core=0x607580 <r>) at anal.c:1526
#11 0x00007ffff7b43a6a in cmd_anal (data=0x607580 <r>, input=0x6d3611 "a") at cmd_anal.c:1900
#12 0x00007ffff7b83aa9 in r_cmd_call (cmd=0x6a8e10, input=0x6d3610 "aa") at cmd_api.c:179
#13 0x00007ffff7b61b95 in r_core_cmd_subst_i (core=0x607580 <r>, cmd=0x6d3610 "aa") at cmd.c:1370
#14 0x00007ffff7b5fff7 in r_core_cmd_subst (core=0x607580 <r>, cmd=0x6d3610 "aa") at cmd.c:923
#15 0x00007ffff7b62862 in r_core_cmd (core=0x607580 <r>, cstr=0x406091 "aa", log=0x0) at cmd.c:1576
#16 0x00007ffff7b62e55 in r_core_cmd0 (user=0x607580 <r>, cmd=0x406091 "aa") at cmd.c:1699
#17 0x0000000000404e75 in main (argc=0x3, argv=0x7fffffffde38, envp=0x7fffffffde58) at radare2.c:673
#18 0x00007ffff3f9cec5 in __libc_start_main (main=0x40311a <main>, argc=0x3, argv=0x7fffffffde38, 
    init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffde28)
    at libc-start.c:287
#19 0x0000000000402a79 in _start ()

the binary is here
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@radare

radare commented Dec 4, 2014

awesome! nice catch! I'll fix it on the train in a few mins.

thanks

On 04 Dec 2014, at 04:34, Jeffrey Crowell notifications@github.com wrote:

minishwoods ~/crashes » r2 ./id:000050,sig:11,src:000332,op:havoc,rep:4 -A
Warning: read (strtab) at 0xe00f0000
Warning: Cannot initialize strings table
[1] 2992 segmentation fault (core dumped) r2 ./id:000050,sig:11,src:000332,op:havoc,rep:4 -A
backtrace

#0 memset () at ../sysdeps/x86_64/memset.S:78
#1 0x00007ffff5ea8836 in r_io_read_at (io=0x6a3270, addr=0xfffffffffffff167, buf=0x7fffffff3bb0 "ab",
len=0x1ff10057) at io.c:471
#2 0x00007ffff67c987a in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x8048165, buf=0x7fffffff5d50 "rtab",
len=0x1fa0, depth=0xd) at fcn.c:445
#3 0x00007ffff67c98b0 in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x8048163,
buf=0x7fffffff7ef0 "strtab", len=0x1fa0, depth=0xe) at fcn.c:445
#4 0x00007ffff67c98b0 in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x804815d, buf=0x7fffffffa090 "d",
len=0x1fa0, depth=0xf) at fcn.c:445
#5 0x00007ffff67c98b0 in fcn_recurse (anal=0x67fd10, fcn=0x6f9760, addr=0x8048153, buf=0x6fcd30 "hello world",
len=0x1000, depth=0x10) at fcn.c:445
#6 0x00007ffff67c9caf in r_anal_fcn (anal=0x67fd10, fcn=0x6f9760, addr=0x8048153, buf=0x6fcd30 "hello world",
len=0x1000, reftype=0x0) at fcn.c:516
#7 0x00007ffff7b87dcf in r_core_anal_fcn (core=0x607580 <r>, at=0x8048153, from=0xffffffffffffffff,
reftype=0x0, depth=0xe) at anal.c:782
#8 0x00007ffff7b883d2 in r_core_anal_fcn (core=0x607580 <r>, at=0x8048076, from=0xffffffffffffffff,
reftype=0x0, depth=0xf) at anal.c:911
#9 0x00007ffff7b883d2 in r_core_anal_fcn (core=0x607580 <r>, at=0x8048074, from=0xffffffffffffffff,
reftype=0x0, depth=0x10) at anal.c:911
#10 0x00007ffff7b8abc9 in r_core_anal_all (core=0x607580 <r>) at anal.c:1526
#11 0x00007ffff7b43a6a in cmd_anal (data=0x607580 <r>, input=0x6d3611 "a") at cmd_anal.c:1900
#12 0x00007ffff7b83aa9 in r_cmd_call (cmd=0x6a8e10, input=0x6d3610 "aa") at cmd_api.c:179
#13 0x00007ffff7b61b95 in r_core_cmd_subst_i (core=0x607580 <r>, cmd=0x6d3610 "aa") at cmd.c:1370
#14 0x00007ffff7b5fff7 in r_core_cmd_subst (core=0x607580 <r>, cmd=0x6d3610 "aa") at cmd.c:923
#15 0x00007ffff7b62862 in r_core_cmd (core=0x607580 <r>, cstr=0x406091 "aa", log=0x0) at cmd.c:1576
#16 0x00007ffff7b62e55 in r_core_cmd0 (user=0x607580 <r>, cmd=0x406091 "aa") at cmd.c:1699
#17 0x0000000000404e75 in main (argc=0x3, argv=0x7fffffffde38, envp=0x7fffffffde58) at radare2.c:673
#18 0x00007ffff3f9cec5 in __libc_start_main (main=0x40311a <main>, argc=0x3, argv=0x7fffffffde38,
init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffde28)
at libc-start.c:287
#19 0x0000000000402a79 in _start ()
the binary is here
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Reply to this email directly or view it on GitHub #1781.


radare commented Dec 4, 2014

Fixed now in git

@radare radare closed this as completed Dec 4, 2014
yossizap pushed a commit to yossizap/radare2 that referenced this issue Dec 30, 2019