oss-sec mailing list archives
Re: suckless sent and libxft-dev 2.3.2-1 crash
From: Agostino Sarubbo <ago () gentoo org>
Date: Tue, 17 Nov 2015 09:26:26 +0100
On Monday 16 November 2015 23:47:16 Simon . wrote:
Hi, please review, whether this needs a CVE.
Compiling sent-0.1 with asan, shows this problem:
$ touch asd
$ ./sent asd
ASAN:SIGSEGV
=================================================================
==6846==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000
(pc 0x0000004dede9 bp 0x7ffecbaa9680 sp 0x7ffecbaa7210 T0)
#0 0x4dede8 in configure /tmp/sent-0.1/sent.c:662:3
#1 0x4de243 in run /tmp/sent-0.1/sent.c:509:13
#2 0x4de243 in main /tmp/sent-0.1/sent.c:690
#3 0x7f65d55bb7af in __libc_start_main (/lib64/libc.so.6+0x207af)
#4 0x436c48 in _start (/tmp/sent-0.1/sent+0x436c48)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /tmp/sent-0.1/sent.c:662 configure
==6846==ABORTING
--
Agostino Sarubbo
Gentoo Linux Developer
Current thread:
- suckless sent and libxft-dev 2.3.2-1 crash Simon . (Nov 16)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Tim (Nov 16)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Agostino Sarubbo (Nov 17)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Alan Coopersmith (Nov 17)