SEGV at /xs/sources/xsBigInt.c:1182 #485

Closed
kvenux opened this issue Oct 22, 2020 · 2 comments
Labels: confirmed (issue reported has been reproduced); fixed - please verify (Issue has been fixed. Please verify and close.)

Comments

kvenux commented Oct 22, 2020

Build environment:

Ubuntu 16.04
gcc 5.4.0
xst version: 748fda9
build command:
cd /path/to/moddable/xs/makefiles/lin
make
test command: ./xst poc

Target device:

Desktop Linux

POC

xs-new-000028.txt

Description

Below is the ASAN output.

ASAN:SIGSEGV

==88944==ERROR: AddressSanitizer: SEGV on unknown address 0x7f2ff591a8af (pc 0x7f2ff1ecc964 bp 0x7ffd3222eb30 sp 0x7ffd3222e2b8 T0)
#0 0x7f2ff1ecc963 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xaa963)
#1 0x7f2ff1eaee8d in __asan_memmove (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8ce8d)
#2 0x4e0116 in memmove /usr/include/x86_64-linux-gnu/bits/string3.h:59
#3 0x4e0116 in fxBigInt_ulsl1 /home/keven/Fuzzing/moddable-new/xs/sources/xsBigInt.c:1182
#4 0x4f4514 in fx_BigInt_asUintN /home/keven/Fuzzing/moddable-new/xs/sources/xsBigInt.c:167
#5 0x7e7d41 in fxRunID /home/keven/Fuzzing/moddable-new/xs/sources/xsRun.c:769
#6 0x850672 in fxRunScript /home/keven/Fuzzing/moddable-new/xs/sources/xsRun.c:4606
#7 0xa31992 in fxRunProgramFile /home/keven/Fuzzing/moddable-new/xs/tools/xst.c:1398
#8 0x41902a in main /home/keven/Fuzzing/moddable-new/xs/tools/xst.c:290
#9 0x7f2ff155283f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2083f)
#10 0x41bb98 in _start (/home/keven/Fuzzing/moddable-new/build/bin/lin/debug/xst+0x41bb98)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 ??
==88944==ABORTING

phoddie added the "confirmed" label Oct 22, 2020
mkellner pushed a commit that referenced this issue Nov 5, 2020
phoddie added the "fixed - please verify" label Nov 5, 2020

phoddie (Collaborator) commented Nov 5, 2020

BigInt data are limited to 65535 32-bit unsigned integers but XS did not check.
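
The missing check described in the comment above, as an added example that is not part of the original thread and is not XS source code. It is a simplified model: the `bigint_t` layout, the 16-bit word count and all function names are assumptions made for illustration; only the 65535-word limit comes from the comment.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define BIGINT_MAX_WORDS 0xFFFFu /* limit stated above: 65535 32-bit words */

/* Assumed model (not the XS struct): 32-bit words plus a 16-bit word count. */
typedef struct { uint32_t *data; uint16_t size; } bigint_t;

/* Words needed to shift a size-word value left by bits; 64-bit so it cannot wrap. */
static uint64_t words_after_shift(uint16_t size, uint64_t bits) {
    return (uint64_t)size + bits / 32 + 1;
}

/* The count an unchecked implementation would store: silently truncated to 16 bits. */
uint16_t unchecked_size(uint16_t size, uint64_t bits) {
    return (uint16_t)words_after_shift(size, bits);
}

/* Checked left shift: 0 on success, -1 if the result exceeds the limit or calloc fails. */
int bigint_shl_checked(bigint_t *r, const bigint_t *a, uint64_t bits) {
    uint64_t need = words_after_shift(a->size, bits);
    if (need > BIGINT_MAX_WORDS) return -1; /* reject before allocating or copying */
    uint32_t *d = calloc((size_t)need, sizeof *d);
    if (d == NULL) return -1;
    size_t wsh = (size_t)(bits / 32);      /* whole-word part of the shift */
    unsigned bsh = (unsigned)(bits % 32);  /* remaining bit part of the shift */
    for (size_t i = 0; i < a->size; i++) {
        d[i + wsh] |= a->data[i] << bsh;
        if (bsh) d[i + wsh + 1] |= a->data[i] >> (32 - bsh);
    }
    r->data = d;
    r->size = (uint16_t)need;
    return 0;
}

int main(void) {
    uint32_t one[1] = { 1 }; /* constructed sample value */
    bigint_t a = { one, 1 }, r = { NULL, 0 };
    uint64_t bits = 32u * 65536u; /* result would need 65538 words */
    printf("unchecked size field: %u\n", (unsigned)unchecked_size(a.size, bits));
    printf("checked shift: %d\n", bigint_shl_checked(&r, &a, bits));
    return 0;
}
```

In this model the unchecked count wraps to a small value, so a buffer sized from it would be far smaller than the span a subsequent word move covers; the checked version refuses the operation before any memory is touched.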

phoddie (Collaborator) commented Nov 5, 2020

Hey @kvenux, we really appreciate your steady stream of reports. Each one of them helps make XS a little more robust and secure for everyone. We'd like to send you a Moddable t-shirt to say thank you. Just drop an email to [email protected] with your mailing address and size.
