You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It contains the string "fR". Test: radare2 -q -i [script] /dev/null
Found with american fuzzy lop.
Address Sanitizer trace:
==7159==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000016871 at pc 0x7f35c21507d0 bp 0x7fff1db3d3c0 sp 0x7fff1db3d390
READ of size 1 at 0x602000016871 thread T0
#0 0x7f35c21507cf in index (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.2/libasan.so.1+0x347cf)
#1 0x7f35c1aa4290 in cmd_flag /f/radare2/radare2/libr/core/cmd_flag.c:120
#2 0x7f35c1ae5096 in r_core_cmd_subst_i /f/radare2/radare2/libr/core/cmd.c:1590
#3 0x7f35c1a4909c in r_core_cmd_subst /f/radare2/radare2/libr/core/cmd.c:1081
#4 0x7f35c1a4a182 in r_core_cmd /f/radare2/radare2/libr/core/cmd.c:1938
#5 0x7f35c1a4d084 in r_core_cmd_lines /f/radare2/radare2/libr/core/cmd.c:1989
#6 0x7f35c1a4d2f4 in r_core_cmd_file /f/radare2/radare2/libr/core/cmd.c:2001
#7 0x7f35c1a5028b in r_core_run_script /f/radare2/radare2/libr/core/cmd.c:373
#8 0x4054bc in main /f/radare2/radare2/binr/radare2/radare2.c:729
#9 0x7f35bbfb3f9f in __libc_start_main (/lib64/libc.so.6+0x1ff9f)
#10 0x40a4d3 (/mnt/ram/radare2/radare2+0x40a4d3)
0x602000016871 is located 0 bytes to the right of 1-byte region [0x602000016870,0x602000016871)
allocated by thread T0 here:
#0 0x7f35c21736f7 in malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.2/libasan.so.1+0x576f7)
#1 0x7f35bc015789 in strdup (/lib64/libc.so.6+0x81789)
SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 index
Shadow bytes around the buggy address:
0x0c047fffacb0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fffacc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fffacd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047ffface0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fffacf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fffad00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[01]fa
0x0c047fffad10: fa fa 01 fa fa fa 03 fa fa fa 03 fa fa fa 03 fa
0x0c047fffad20: fa fa fd fa fa fa fd fd fa fa 06 fa fa fa fd fa
0x0c047fffad30: fa fa 05 fa fa fa fd fa fa fa 06 fa fa fa fd fa
0x0c047fffad40: fa fa 03 fa fa fa fd fa fa fa 04 fa fa fa fd fa
0x0c047fffad50: fa fa fd fa fa fa 04 fa fa fa fd fa fa fa fd fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Contiguous container OOB:fc
ASan internal: fe
==7159==ABORTING
The text was updated successfully, but these errors were encountered:
This script causes an out of bounds heap read:
https://crashes.fuzzing-project.org/radare2-script-oob-heap-read-cmd_flag
It contains the string "fR". Test: radare2 -q -i [script] /dev/null
Found with american fuzzy lop.
Address Sanitizer trace:
The text was updated successfully, but these errors were encountered: