Evil Memory Address Read in export_function #20

Open
haruki3hhh opened this issue Mar 6, 2024 · 0 comments

version

e81176b

compile

make vmir.asan

asan report

root@9dc6ce043bcb:~/Ablation/vmir/crashes# ../vmir.asan id:000008,sig:11,src:000000,op:int32,pos:13,val:+64
Declared memory size:2
AddressSanitizer:DEADLYSIGNAL
=================================================================
==4108488==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x562ea34af6f3 bp 0x7fff471067d0 sp 0x7fff471067a0 T0)
==4108488==The signal is caused by a READ memory access.
==4108488==Hint: address points to the zero page.
    #0 0x562ea34af6f2 in export_function src/vmir_wasm_parser.c:394
    #1 0x562ea34af7c3 in wasm_parse_section_exports src/vmir_wasm_parser.c:411
    #2 0x562ea34b699b in wasm_parse_module src/vmir_wasm_parser.c:1419
    #3 0x562ea34b91a0 in vmir_load src/vmir.c:920
    #4 0x562ea34209c9 in main src/main.c:166
    #5 0x7fb601ab4082 in __libc_start_main ../csu/libc-start.c:308
    #6 0x562ea341fd2d in _start (/root/Ablation/vmir/vmir.asan+0x12d2d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV src/vmir_wasm_parser.c:394 in export_function
==4108488==ABORTING

reproduce

./vmir https://github.com/haruki3hhh/fuzzing/blob/main/vmir/id%3A000008%2Csig%3A11%2Csrc%3A000000%2Cop%3Aint32%2Cpos%3A13%2Cval%3A%2B64

haruki3hhh changed the title from "Evil Memory Address Write in export_function" to "Evil Memory Address Read in export_function" on Mar 6, 2024