Ticket #43398

Assertion failed in function add_sq

Opened: 2021-12-13 00:16 Last updated: 2021-12-16 01:08

Reporter: (Anonymous)
Owner:
Type:
Status: Closed
Component:
Milestone: (None)
Priority: 5 - Medium
Severity: 5 - Medium
Resolution: Fixed
File:

Details

Reproduced with the following script.

<<`'`

Debug build outputs:

Assertion failed: (false), function add_sq, file expand.c, line 1692.

Ticket History (3/3 Histories)

2021-12-13 00:16 Updated by: None
  • New Ticket "Assertion failed in function add_sq" created
2021-12-14 01:19 Updated by: l2dy
Comment

This is a heap-buffer-overflow bug in non-debug builds.

=================================================================
==52743==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000000e0 at pc 0x00000057adca bp 0x7ffd3a5a00b0 sp 0x7ffd3a5a00a8
READ of size 4 at 0x6020000000e0 thread T0
    #0 0x57adc9 in unquote /home/ubuntu/repos/yash/expand.c:1823:10
    #1 0x5ad487 in read_heredoc_contents_without_expansion /home/ubuntu/repos/yash/parser.c:3167:20
    #2 0x5ad487 in read_heredoc_contents /home/ubuntu/repos/yash/parser.c:3159:2
    #3 0x593694 in next_line /home/ubuntu/repos/yash/parser.c:1736:2
    #4 0x593694 in parse_command_list /home/ubuntu/repos/yash/parser.c:1840:3
    #5 0x592969 in read_and_parse /home/ubuntu/repos/yash/parser.c:761:19

0x6020000000e0 is located 0 bytes to the right of 16-byte region [0x6020000000d0,0x6020000000e0)
allocated by thread T0 here:
    #0 0x522efd in malloc (/home/ubuntu/repos/yash/parser_fuzzer+0x522efd)
    #1 0x5dd4d8 in xmalloc /home/ubuntu/repos/yash/./util.h:108:20
    #2 0x5dd4d8 in xmallocn /home/ubuntu/repos/yash/./util.h:118:12
    #3 0x5dd4d8 in xmalloce /home/ubuntu/repos/yash/./util.h:125:12
    #4 0x5dd4d8 in xwcsndup /home/ubuntu/repos/yash/util.c:95:23
    #5 0x5bc1bf in tryparse_redirect /home/ubuntu/repos/yash/parser.c:2311:2
    #6 0x5af838 in parse_simple_command_tokens /home/ubuntu/repos/yash/parser.c:2099:22
    #7 0x5af838 in parse_command /home/ubuntu/repos/yash/parser.c:2059:23
    #8 0x5af838 in parse_commands_in_pipeline /home/ubuntu/repos/yash/parser.c:2002:17
    #9 0x593e27 in parse_pipeline /home/ubuntu/repos/yash/parser.c:1979:6
    #10 0x593e27 in parse_pipelines_in_and_or /home/ubuntu/repos/yash/parser.c:1926:18
    #11 0x593e27 in parse_and_or_list /home/ubuntu/repos/yash/parser.c:1904:21
    #12 0x593e27 in parse_command_list /home/ubuntu/repos/yash/parser.c:1868:17
    #13 0x592969 in read_and_parse /home/ubuntu/repos/yash/parser.c:761:19

Line numbers are from r4178

(Edited, 2021-12-15 23:00 Updated by: l2dy)
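
The ticket shows the same input tripping `assert(false)` in a debug build and over-reading the heap in a non-debug build, which is what happens when an end-of-string case is guarded only by an assertion that `NDEBUG` compiles out. The C code below is an added example, not code from yash or from this ticket: `unquote_checked` and `copy_single_quoted` are hypothetical names, the commented pattern is an assumed model of the failure, and the functions show the same scan with a runtime check in place of the assertion.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <wchar.h>

/* Hypothetical quote remover modelled on the failure mode in this ticket;
 * it is not yash's code. The risky pattern it avoids is (assumed model):
 *
 *     case L'\0': assert(false);   // compiled out under NDEBUG ...
 *     case L'\'': return;          // ... so NUL is taken as a closing quote
 *
 * after which the caller steps past the terminator and reads out of bounds. */

/* Copies the body of a single-quoted span starting at s[*i] == L'\'' into out.
 * Returns false if the string ends before the closing quote. */
static bool copy_single_quoted(const wchar_t *s, size_t *i,
                               wchar_t *out, size_t *o)
{
    for (++*i; s[*i] != L'\''; ++*i) {
        if (s[*i] == L'\0')
            return false;           /* real runtime check, not an assert */
        out[(*o)++] = s[*i];
    }
    ++*i;                           /* step over the closing quote only */
    return true;
}

/* Returns a newly allocated copy of s with single quotes removed, or NULL
 * when a quote is unterminated (or allocation fails). Caller frees. */
wchar_t *unquote_checked(const wchar_t *s)
{
    wchar_t *out = malloc((wcslen(s) + 1) * sizeof *out);
    size_t i = 0, o = 0;
    if (out == NULL)
        return NULL;
    while (s[i] != L'\0') {
        if (s[i] == L'\'') {
            if (!copy_single_quoted(s, &i, out, &o)) {
                free(out);
                return NULL;        /* reject instead of scanning onward */
            }
        } else {
            out[o++] = s[i++];
        }
    }
    out[o] = L'\0';
    return out;
}
```
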
2021-12-16 01:08 Updated by: magicant
  • Status Update from Open to Closed
  • Owner Update from (None) to magicant
  • Resolution Update from to Fixed
  • Component Update from (None) to shell-main
Comment

Thank you for reporting the bug.

Fixed in r4179 (and r4180).

Attachment File List

No attachments
