AddressSanitizer pe/pe.c #2451

ghost · 2015-04-27T21:01:21Z

==11527==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62a00000b218 at pc 0x7f8219e8db1d bp 0x7fffebf9c1a0 sp 0x7fffebf9c190
READ of size 4 at 0x62a00000b218 thread T0
#0 0x7f8219e8db1c in Pe64_r_bin_pe_get_debug_data /home/revskills/dev/radare2/libr/..//libr/bin/p/../format/pe/pe.c:1895
#1 0x7f8219e7fd4c in info /home/revskills/dev/radare2/libr/..//libr/bin/p/bin_pe.c:358
#2 0x7f8219dd1951 in r_bin_object_set_items /home/revskills/dev/radare2/libr/bin/bin.c:419
#3 0x7f8219dd5196 in r_bin_object_new /home/revskills/dev/radare2/libr/bin/bin.c:940
#4 0x7f8219dd5e95 in r_bin_file_new_from_bytes /home/revskills/dev/radare2/libr/bin/bin.c:1051
#5 0x7f8219dd37ba in r_bin_load_io_at_offset_as_sz /home/revskills/dev/radare2/libr/bin/bin.c:642
#6 0x7f8219dd38ae in r_bin_load_io_at_offset_as /home/revskills/dev/radare2/libr/bin/bin.c:662
#7 0x7f8219dd2ce8 in r_bin_load_io /home/revskills/dev/radare2/libr/bin/bin.c:544
#8 0x7f821abc0075 in r_core_file_do_load_for_io_plugin /home/revskills/dev/radare2/libr/core/file.c:344
#9 0x7f821abc09ae in r_core_bin_load /home/revskills/dev/radare2/libr/core/file.c:476
#10 0x4061fd in main /home/revskills/dev/radare2/binr/radare2/radare2.c:573
#11 0x7f8215d31ec4 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
#12 0x4030f8 (/home/revskills/dev/radare2/binr/radare2/radare2+0x4030f8)

ASAN:SIGSEGV
==11527==AddressSanitizer

file from radare2-regressions: 2331 a22e88f3c391dbcb57a15a05ae24ed0a
radare2 0.9.9-git 7719 @ linux-little-x86-64 git.0.9.8-1369-gb0c520b
commit: b0c520b build: 2015-04-22

The text was updated successfully, but these errors were encountered:

ghost · 2015-04-27T21:06:03Z

Grouping some results:

==15159==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff409ae501 at pc 0x7f673097912c bp 0x7fff409adf40 sp 0x7fff409ad6e8
READ of size 271 at 0x7fff409ae501 thread T0
#0 0x7f673097912b in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x3412b)
#1 0x7f672f8694af in Pe32_r_bin_pe_parse_imports /home/revskills/dev/radare2/libr/..//libr/bin/p/../format/pe/pe.c:166
#2 0x7f672f876bad in Pe32_r_bin_pe_get_imports /home/revskills/dev/radare2/libr/..//libr/bin/p/../format/pe/pe.c:1926
#3 0x7f672f866221 in imports /home/revskills/dev/radare2/libr/..//libr/bin/p/bin_pe.c:206
#4 0x7f672f7ce8d6 in r_bin_object_set_items /home/revskills/dev/radare2/libr/bin/bin.c:418
#5 0x7f672f7d2196 in r_bin_object_new /home/revskills/dev/radare2/libr/bin/bin.c:940
#6 0x7f672f7d2e95 in r_bin_file_new_from_bytes /home/revskills/dev/radare2/libr/bin/bin.c:1051
#7 0x7f672f7d07ba in r_bin_load_io_at_offset_as_sz /home/revskills/dev/radare2/libr/bin/bin.c:642
#8 0x7f672f7d08ae in r_bin_load_io_at_offset_as /home/revskills/dev/radare2/libr/bin/bin.c:662
#9 0x7f672f7cfce8 in r_bin_load_io /home/revskills/dev/radare2/libr/bin/bin.c:544
#10 0x7f67305bd075 in r_core_file_do_load_for_io_plugin /home/revskills/dev/radare2/libr/core/file.c:344
#11 0x7f67305bd9ae in r_core_bin_load /home/revskills/dev/radare2/libr/core/file.c:476
#12 0x4061fd in main /home/revskills/dev/radare2/binr/radare2/radare2.c:573
#13 0x7f672b72eec4 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
#14 0x4030f8 (/home/revskills/dev/radare2/binr/radare2/radare2+0x4030f8)

0x7fff409ae501 is located 140734277280910 bytes to the rightASAN:SIGSEGV
==15159==AddressSanitizer:

file from radare2-regressions: CoST.exe 3272df5f32ad718286ba0a9ff70e6f8d
radare2 0.9.9-git 7719 @ linux-little-x86-64 git.0.9.8-1369-gb0c520b
commit: b0c520b build: 2015-04-22

radare closed this as completed Apr 27, 2015

radare added a commit that referenced this issue Apr 27, 2015

Fix #2451 - ASAN crash in PE parser

876ac12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AddressSanitizer pe/pe.c #2451

AddressSanitizer pe/pe.c #2451

ghost commented Apr 27, 2015

ghost commented Apr 27, 2015

AddressSanitizer pe/pe.c #2451

AddressSanitizer pe/pe.c #2451

Comments

ghost commented Apr 27, 2015

ghost commented Apr 27, 2015