This file makes r2 feels bad #346

Closed
ghost opened this issue Nov 12, 2013 · 7 comments

@ghost
ghost commented Nov 12, 2013

https://www.dropbox.com/s/4lywr2jk9pcxkjn/exfat_fs.ko

[0x00003410]> s sym.exfat_fill_super
[0x00000f94]> pdf
*** buffer overflow detected ***: r2 - terminated
r2: buffer overflow attack in function - terminated

@zonkzonk
Contributor

Can you specify r2 -v and what OS?

$ file exfat_fs.ko
exfat_fs.ko: ELF 32-bit LSB relocatable, ARM, EABI5 version 1 (SYSV), BuildID[sha1]=78b8e5a43ff5a4ce9375becff7df4d53123e710c, not stripped

@ghost
Author

ghost commented Nov 12, 2013

r2 -v
radare2 0.9.7git @ linux-little-x86-64 git.0.9.6-2-g61d3add
commit: 61d3add build: 2013-11-11

Linux/x86_64

@ghost
Author

ghost commented Nov 12, 2013

Ok, issue reproduces only after aa

@zonkzonk
Contributor

cannot reproduce with latest build and aa

r2 -v
radare2 0.9.7git @ linux-little-x86-64 git.0.9.6-7-g2dc35ab
commit: 2dc35ab build: 2013-11-12

@ghost
Author

ghost commented Nov 12, 2013

r2 -v
radare2 0.9.7git @ linux-little-x86-64 git.0.9.6-7-g2dc35ab
commit: 2dc35ab build: 2013-11-12
r2 -A exfat_fs.ko
Warning: Cannot initialize program headers
[0x00003410]> pdf@sym.exfat_fill_super
*** buffer overflow detected ***: r2 - terminated
r2: buffer overflow attack in function - terminated
Report to http://bugs.gentoo.org/
zsh: killed r2 -A exfat_fs.ko

@ghost
Author

ghost commented Nov 12, 2013

Core was generated by `r2 -A exfat_fs.ko'.
Program terminated with signal 6, Aborted.
#0 0x00007fd79f49697a in __hardened_gentoo_chk_fail (damaged=0x0, func=0x0) at chk_fail.c:297
297 chk_fail.c: Нет такого файла или каталога.
(gdb) bt
#0 0x00007fd79f49697a in __hardened_gentoo_chk_fail (damaged=0x0, func=0x0) at chk_fail.c:297
#1 __GI___chk_fail () at chk_fail.c:313
#2 0x00007fd79f495108 in __strcat_chk (dest=dest@entry=0x7ffffdff03c0 "\033[36m│\033[36m", ' ' <repeats 46 times>, "\033[34m", src=src@entry=0x7fd7a2c2016f "; ", destlen=, destlen@entry=0x40) at strcat_chk.c:37
#3 0x00007fd7a2c06c70 in strcat (__src=0x7fd7a2c2016f "; ", __dest=0x7ffffdff03c0 "\033[36m│\033[36m", ' ' <repeats 46 times>, "\033[34m") at /usr/include/bits/string3.h:142
#4 r_core_print_disasm (p=0x1db3050, core=core@entry=0x606520 , addr=0xf94, buf=0x2897590 "\r\300\240\341\360\337-\351\004\260L\342d\320", <incomplete sequence \342>, len=0x520, l=0x270f, invbreak=0x0, cbytes=0x2) at disasm.c:510
#5 0x00007fd7a2be6a8c in cmd_print (data=0x606520 , input=0x2897561 "df") at cmd_print.c:714
#6 0x00007fd7a2bf0110 in r_core_cmd_subst_i (core=core@entry=0x606520 , cmd=cmd@entry=0x2897560 "pdf") at cmd.c:1214
#7 0x00007fd7a2be01cd in r_core_cmd_subst (core=core@entry=0x606520 , cmd=0x2897560 "pdf", cmd@entry=0x289ac70 "pdf@sym.exfat_fill_super ") at cmd.c:811
#8 0x00007fd7a2be039f in r_core_cmd (core=core@entry=0x606520 , cstr=, log=log@entry=0x1) at cmd.c:1396
#9 0x00007fd7a2bd8122 in r_core_prompt_exec (r=r@entry=0x606520 ) at core.c:699
#10 0x00000000004041b6 in main (argc=, argv=) at radare2.c:583

@ghost
Author

ghost commented Nov 12, 2013

my .radare2rc:
e asm.syntax=att
e scr.utf8=true
e asm.lineswidth=20
fs strings

@radare radare closed this as completed in 737ac0f Nov 12, 2013
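
The buffer arithmetic behind frame #2 of the backtrace above, as an added example (not radare2's code and not the change in 737ac0f): the printed `dest` is already 64 bytes against `destlen=0x40`, so neither the terminating NUL nor `"; "` fits. `append_checked`, `build_prefix` and `LINE_CAP` are hypothetical names, and `│` is assumed to be U+2502 encoded as 3 UTF-8 bytes.

```c
#include <stdio.h>
#include <string.h>

#define LINE_CAP 0x40 /* destlen reported by __strcat_chk in frame #2 */

/* Hypothetical helper: append src to dst only if the result, including the
 * terminating NUL, fits in cap bytes. Returns 0 on success, -1 otherwise;
 * dst is left unchanged on failure. */
static int append_checked(char *dst, size_t cap, const char *src) {
    const char *nul = memchr(dst, '\0', cap);
    if (nul == NULL)
        return -1; /* dst is not terminated inside its own buffer */
    size_t used = (size_t)(nul - dst);
    size_t need = strlen(src);
    if (need >= cap - used)
        return -1; /* no room for src plus the NUL */
    memcpy(dst + used, src, need + 1);
    return 0;
}

/* Hypothetical helper: rebuild the prefix gdb printed for dest: colour
 * escape, U+2502 as 3 UTF-8 bytes, colour escape, pad spaces, colour escape.
 * Returns the byte length, or -1 if the prefix does not fit. */
static int build_prefix(char *dst, size_t cap, int pad) {
    dst[0] = '\0';
    if (append_checked(dst, cap, "\033[36m\xe2\x94\x82\033[36m") != 0)
        return -1;
    for (int i = 0; i < pad; i++)
        if (append_checked(dst, cap, " ") != 0)
            return -1;
    if (append_checked(dst, cap, "\033[34m") != 0)
        return -1;
    return (int)strlen(dst);
}

int main(void) {
    char line[LINE_CAP];
    /* 46 spaces is the padding shown in the backtrace: 5+3+5+46+5 = 64 bytes */
    printf("pad=46 prefix: %d\n", build_prefix(line, sizeof line, 46));
    int n = build_prefix(line, sizeof line, 43);
    printf("pad=43 prefix: %d, append \"; \": %d\n", n,
           append_checked(line, sizeof line, "; "));
    n = build_prefix(line, sizeof line, 45);
    printf("pad=45 prefix: %d, append \"; \": %d\n", n,
           append_checked(line, sizeof line, "; "));
    return 0;
}
```

The colour escapes and the multi-byte box character add 18 bytes that occupy a single visible column, which is why a size derived from visible width undercounts the bytes written.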