oss-sec mailing list archives
Re: suckless sent and libxft-dev 2.3.2-1 crash
From: Agostino Sarubbo <ago () gentoo org>
Date: Tue, 17 Nov 2015 09:26:26 +0100
On Monday 16 November 2015 23:47:16 Simon . wrote:
Hi, please review, whether this needs a CVE.
Compiling sent-0.1 with asan, shows this problem: $ touch asd $ ./sent asd ASAN:SIGSEGV ================================================================= ==6846==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004dede9 bp 0x7ffecbaa9680 sp 0x7ffecbaa7210 T0) #0 0x4dede8 in configure /tmp/sent-0.1/sent.c:662:3 #1 0x4de243 in run /tmp/sent-0.1/sent.c:509:13 #2 0x4de243 in main /tmp/sent-0.1/sent.c:690 #3 0x7f65d55bb7af in __libc_start_main (/lib64/libc.so.6+0x207af) #4 0x436c48 in _start (/tmp/sent-0.1/sent+0x436c48) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /tmp/sent-0.1/sent.c:662 configure ==6846==ABORTING -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- suckless sent and libxft-dev 2.3.2-1 crash Simon . (Nov 16)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Tim (Nov 16)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Agostino Sarubbo (Nov 17)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Alan Coopersmith (Nov 17)