[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ncurses-bug
Subject:    Re: Bug: heap-buffer-overflow of function one_one_mapping
From:       "bugreporting () qiushi ! ac ! cn" <bugreporting () qiushi ! ac ! cn>
Date:       2019-10-12 2:40:46
Message-ID: 2019101210404605538549 () qiushi ! ac ! cn+85DD25134FA62BC2
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]

[Attachment #4 (text/plain)]

Sorry that I wrongly post the valgrind report for poc1 to the mail for poc5, I will \
post it again (removing useless lines) for better tracking.

Step 13/19 : RUN valgrind -v /tmp/noasan/infotocap fuzzpoc/infotocap_poc1 || exit 0
 ---> Running in bce32ed27872
==6== Invalid read of size 1
==6==    at 0x4409DC: one_one_mapping (dump_entry.c:1399)
==6==    by 0x4409DC: purged_acs (dump_entry.c:1425)
==6==    by 0x4409DC: dump_entry (dump_entry.c:1587)
==6==    by 0x4045BA: main (tic.c:1039)
==6==  Address 0x520c54e is 0 bytes after a block of size 1,742 alloc'd
==6==    at 0x4C2DB8F: malloc (in \
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==6==    by 0x4F847F: \
_nc_wrap_entry (alloc_entry.c:177) ==6==    by 0x4BB4F5: _nc_parse_entry \
(parse_entry.c:601) ==6==    by 0x4A892B: _nc_read_entry_source (comp_parse.c:225)
==6==    by 0x4037C8: main (tic.c:961)
==6==
infotocap: JE10JPYZY0KHHP5FIR1DBKQT1E66TKOBH3SH7ZYOREACE6FN24I0ZBGMQM2XLEDU3I6H5YUWJE5 \
SDR4DVG3W6WU5I82SHPLZCC6W2HLWKPAM5FJFDWZZJIF6UKF8WW4CXU1Y4G29DRZ1A2ECW9OC8E9YZS7JGCQ0W \
64123X6QQQIBXL7KQ3DXM0BFY6Q812JEJ3E2FJPGJ9P4TQJ33Z6HKCDV49L4GYY2DIH9614IFMKHNSKEBLC9WV \
AANHM0EH0J81MAKX3D48DVAX0LR2SMRA5Q8NCN9MAEKXCBIK8GGBCIPJ325R33I5XPCX1R3239A0MHC2E480GF \
JFRDM2GNJR2B22O6R8DN9X7ZPD8XX9YJLNF083ZZWAVEI7Y4AHBX8TCLMA5KYOCJ4O5ASVERDE0J0KNMVDO437 \
HEU3AWJEO89ZCM512BNMGB9VNDB3J95ZPZ7J409YF7C1ZX7UVQJ9VBZX3KYINC52TI7PV2N1NFUJFJIHVTOMSAWS7219X \
entry is 1684 bytes long ==6== Invalid read of size 8
==6==    at 0x44F5E7: _nc_find_entry (comp_hash.c:70)
==6==    by 0x42D90D: nametrans (dump_entry.c:174)
==6==    by 0x40556F: put_translate (tic.c:339)
==6==    by 0x40556F: main (tic.c:1033)
==6==  Address 0x524ac70 is 206,112 bytes inside an unallocated block of size \
4,110,480 in arena "client" ==6==
==6== Invalid read of size 1
==6==    at 0x4ED9570: __strcmp_sse2_unaligned (strcmp-sse2-unaligned.S:24)
==6==    by 0x44CF30: compare_info_names (comp_captab.c:3393)
==6==    by 0x44F5ED: _nc_find_entry (comp_hash.c:70)
==6==    by 0x42D90D: nametrans (dump_entry.c:174)
==6==    by 0x40556F: put_translate (tic.c:339)
==6==    by 0x40556F: main (tic.c:1033)
==6==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==6==
==6==
==6== Process terminating with default action of signal 11 (SIGSEGV)
==6==  Access not within mapped region at address 0x0
==6==    at 0x4ED9570: __strcmp_sse2_unaligned (strcmp-sse2-unaligned.S:24)
==6==    by 0x44CF30: compare_info_names (comp_captab.c:3393)
==6==    by 0x44F5ED: _nc_find_entry (comp_hash.c:70)
==6==    by 0x42D90D: nametrans (dump_entry.c:174)
==6==    by 0x40556F: put_translate (tic.c:339)
==6==    by 0x40556F: main (tic.c:1033)
==6==  If you believe this happened as a result of a stack
==6==  overflow in your program's main thread (unlikely but
==6==  possible), you can try to increase the size of the
==6==  main thread stack using the --main-stacksize= flag.
==6==  The main thread stack size used in this run was 8388608.

==6== HEAP SUMMARY:
==6==     in use at exit: 51,866 bytes in 35 blocks
==6==   total heap usage: 56 allocs, 21 frees, 79,904 bytes allocated
==6==
==6== Searching for pointers to 35 not-freed blocks
==6== Checked 106,600 bytes
==6==
==6== LEAK SUMMARY:
==6==    definitely lost: 0 bytes in 0 blocks
==6==    indirectly lost: 0 bytes in 0 blocks
==6==      possibly lost: 0 bytes in 0 blocks
==6==    still reachable: 51,866 bytes in 35 blocks
==6==         suppressed: 0 bytes in 0 blocks
==6== Rerun with --leak-check=full to see details of leaked memory
==6==
==6== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)
==6==
==6== 1 errors in context 1 of 3:
==6== Invalid read of size 1
==6==    at 0x4ED9570: __strcmp_sse2_unaligned (strcmp-sse2-unaligned.S:24)
==6==    by 0x44CF30: compare_info_names (comp_captab.c:3393)
==6==    by 0x44F5ED: _nc_find_entry (comp_hash.c:70)
==6==    by 0x42D90D: nametrans (dump_entry.c:174)
==6==    by 0x40556F: put_translate (tic.c:339)
==6==    by 0x40556F: main (tic.c:1033)
==6==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==6==
==6==
==6== 1 errors in context 2 of 3:
==6== Invalid read of size 8
==6==    at 0x44F5E7: _nc_find_entry (comp_hash.c:70)
==6==    by 0x42D90D: nametrans (dump_entry.c:174)
==6==    by 0x40556F: put_translate (tic.c:339)
==6==    by 0x40556F: main (tic.c:1033)
==6==  Address 0x524ac70 is 206,112 bytes inside an unallocated block of size \
4,110,480 in arena "client" ==6==
==6==
==6== 1 errors in context 3 of 3:
==6== Invalid read of size 1
==6==    at 0x4409DC: one_one_mapping (dump_entry.c:1399)
==6==    by 0x4409DC: purged_acs (dump_entry.c:1425)
==6==    by 0x4409DC: dump_entry (dump_entry.c:1587)
==6==    by 0x4045BA: main (tic.c:1039)
==6==  Address 0x520c54e is 0 bytes after a block of size 1,742 alloc'd
==6==    at 0x4C2DB8F: malloc (in \
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==6==    by 0x4F847F: \
_nc_wrap_entry (alloc_entry.c:177) ==6==    by 0x4BB4F5: _nc_parse_entry \
(parse_entry.c:601) ==6==    by 0x4A892B: _nc_read_entry_source (comp_parse.c:225)
==6==    by 0x4037C8: main (tic.c:961)
==6==
==6== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)
/bin/bash: line 1:     6 Segmentation fault      valgrind -v /tmp/noasan/infotocap \
fuzzpoc/infotocap_poc1


[Attachment #5 (text/html)]

<html><head><meta http-equiv="content-type" content="text/html; \
charset=us-ascii"><style>body { line-height: 1.5; }body { font-size: 10.5pt; \
font-family: 'Microsoft YaHei UI'; color: rgb(0, 0, 0); line-height: 1.5; \
}</style></head><body> <div><span></span>Sorry that I wrongly post the valgrind \
report for poc1 to the mail for poc5, I will post it again (removing useless lines) \
for better tracking.</div><div><br></div><div><span style="font-family: &quot;" \
microsoft="" yahei="" ui'";="" font-size:="" 14px;="" color:="" rgb(0,="" 0,="" \
0);="" background-color:="" rgba(0,="" font-weight:="" normal;="" font-style:="" \
normal;text-decoration:="" \
none;'="">Step&nbsp;13/19&nbsp;:&nbsp;RUN&nbsp;valgrind&nbsp;-v&nbsp;/tmp/noasan/infot \
ocap&nbsp;fuzzpoc/infotocap_poc1&nbsp;||&nbsp;exit&nbsp;0<br>&nbsp;---&gt;&nbsp;Runnin \
g&nbsp;in&nbsp;bce32ed27872<br>==6==&nbsp;Invalid&nbsp;read&nbsp;of&nbsp;size&nbsp;1<b \
r>==6==&nbsp;&nbsp;&nbsp;&nbsp;at&nbsp;0x4409DC:&nbsp;one_one_mapping&nbsp;(dump_entry \
.c:1399)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4409DC:&nbsp;purged_acs&nbsp;(dump_ \
entry.c:1425)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4409DC:&nbsp;dump_entry&nbsp;( \
dump_entry.c:1587)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4045BA:&nbsp;main&nbsp;(t \
ic.c:1039)<br>==6==&nbsp;&nbsp;Address&nbsp;0x520c54e&nbsp;is&nbsp;0&nbsp;bytes&nbsp;a \
fter&nbsp;a&nbsp;block&nbsp;of&nbsp;size&nbsp;1,742&nbsp;alloc'd<br>==6==&nbsp;&nbsp;& \
nbsp;&nbsp;at&nbsp;0x4C2DB8F:&nbsp;malloc&nbsp;(in&nbsp;/usr/lib/valgrind/vgpreload_me \
mcheck-amd64-linux.so)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4F847F:&nbsp;_nc_wrap \
_entry&nbsp;(alloc_entry.c:177)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4BB4F5:&nbsp \
;_nc_parse_entry&nbsp;(parse_entry.c:601)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4A \
892B:&nbsp;_nc_read_entry_source&nbsp;(comp_parse.c:225)<br>==6==&nbsp;&nbsp;&nbsp;&nb \
sp;by&nbsp;0x4037C8:&nbsp;main&nbsp;(tic.c:961)<br>==6==<br>infotocap:&nbsp;JE10JPYZY0 \
KHHP5FIR1DBKQT1E66TKOBH3SH7ZYOREACE6FN24I0ZBGMQM2XLEDU3I6H5YUWJE5SDR4DVG3W6WU5I82SHPLZ \
CC6W2HLWKPAM5FJFDWZZJIF6UKF8WW4CXU1Y4G29DRZ1A2ECW9OC8E9YZS7JGCQ0W64123X6QQQIBXL7KQ3DXM \
0BFY6Q812JEJ3E2FJPGJ9P4TQJ33Z6HKCDV49L4GYY2DIH9614IFMKHNSKEBLC9WVAANHM0EH0J81MAKX3D48D \
VAX0LR2SMRA5Q8NCN9MAEKXCBIK8GGBCIPJ325R33I5XPCX1R3239A0MHC2E480GFJFRDM2GNJR2B22O6R8DN9 \
X7ZPD8XX9YJLNF083ZZWAVEI7Y4AHBX8TCLMA5KYOCJ4O5ASVERDE0J0KNMVDO437HEU3AWJEO89ZCM512BNMG \
B9VNDB3J95ZPZ7J409YF7C1ZX7UVQJ9VBZX3KYINC52TI7PV2N1NFUJFJIHVTOMSAWS7219X&nbsp;entry&nb \
sp;is&nbsp;1684&nbsp;bytes&nbsp;long<br>==6==&nbsp;Invalid&nbsp;read&nbsp;of&nbsp;size \
&nbsp;8<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;at&nbsp;0x44F5E7:&nbsp;_nc_find_entry&nbsp;(co \
mp_hash.c:70)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x42D90D:&nbsp;nametrans&nbsp;(d \
ump_entry.c:174)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;put_translate& \
nbsp;(tic.c:339)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;main&nbsp;(tic \
.c:1033)<br>==6==&nbsp;&nbsp;Address&nbsp;0x524ac70&nbsp;is&nbsp;206,112&nbsp;bytes&nb \
sp;inside&nbsp;an&nbsp;unallocated&nbsp;block&nbsp;of&nbsp;size&nbsp;4,110,480&nbsp;in \
&nbsp;arena&nbsp;"client"<br>==6==<br>==6==&nbsp;Invalid&nbsp;read&nbsp;of&nbsp;size&n \
bsp;1<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;at&nbsp;0x4ED9570:&nbsp;__strcmp_sse2_unaligned& \
nbsp;(strcmp-sse2-unaligned.S:24)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x44CF30:&nb \
sp;compare_info_names&nbsp;(comp_captab.c:3393)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbs \
p;0x44F5ED:&nbsp;_nc_find_entry&nbsp;(comp_hash.c:70)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp; \
by&nbsp;0x42D90D:&nbsp;nametrans&nbsp;(dump_entry.c:174)<br>==6==&nbsp;&nbsp;&nbsp;&nb \
sp;by&nbsp;0x40556F:&nbsp;put_translate&nbsp;(tic.c:339)<br>==6==&nbsp;&nbsp;&nbsp;&nb \
sp;by&nbsp;0x40556F:&nbsp;main&nbsp;(tic.c:1033)<br>==6==&nbsp;&nbsp;Address&nbsp;0x0& \
nbsp;is&nbsp;not&nbsp;stack'd,&nbsp;malloc'd&nbsp;or&nbsp;(recently)&nbsp;free'd<br>== \
6==<br>==6==<br>==6==&nbsp;Process&nbsp;terminating&nbsp;with&nbsp;default&nbsp;action \
&nbsp;of&nbsp;signal&nbsp;11&nbsp;(SIGSEGV)<br>==6==&nbsp;&nbsp;Access&nbsp;not&nbsp;w \
ithin&nbsp;mapped&nbsp;region&nbsp;at&nbsp;address&nbsp;0x0<br>==6==&nbsp;&nbsp;&nbsp; \
&nbsp;at&nbsp;0x4ED9570:&nbsp;__strcmp_sse2_unaligned&nbsp;(strcmp-sse2-unaligned.S:24 \
)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x44CF30:&nbsp;compare_info_names&nbsp;(comp \
_captab.c:3393)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x44F5ED:&nbsp;_nc_find_entry& \
nbsp;(comp_hash.c:70)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x42D90D:&nbsp;nametrans \
&nbsp;(dump_entry.c:174)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;put_tr \
anslate&nbsp;(tic.c:339)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;main&n \
bsp;(tic.c:1033)<br>==6==&nbsp;&nbsp;If&nbsp;you&nbsp;believe&nbsp;this&nbsp;happened& \
nbsp;as&nbsp;a&nbsp;result&nbsp;of&nbsp;a&nbsp;stack<br>==6==&nbsp;&nbsp;overflow&nbsp \
;in&nbsp;your&nbsp;program's&nbsp;main&nbsp;thread&nbsp;(unlikely&nbsp;but<br>==6==&nb \
sp;&nbsp;possible),&nbsp;you&nbsp;can&nbsp;try&nbsp;to&nbsp;increase&nbsp;the&nbsp;siz \
e&nbsp;of&nbsp;the<br>==6==&nbsp;&nbsp;main&nbsp;thread&nbsp;stack&nbsp;using&nbsp;the \
&nbsp;--main-stacksize=&nbsp;flag.<br>==6==&nbsp;&nbsp;The&nbsp;main&nbsp;thread&nbsp; \
stack&nbsp;size&nbsp;used&nbsp;in&nbsp;this&nbsp;run&nbsp;was&nbsp;8388608.</span></div><div><span \
style="font-family: &quot;" microsoft="" yahei="" ui'";="" font-size:="" 14px;="" \
color:="" rgb(0,="" 0,="" 0);="" background-color:="" rgba(0,="" font-weight:="" \
normal;="" font-style:="" normal;text-decoration:="" \
none;'=""><br>==6==&nbsp;HEAP&nbsp;SUMMARY:<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;in&n \
bsp;use&nbsp;at&nbsp;exit:&nbsp;51,866&nbsp;bytes&nbsp;in&nbsp;35&nbsp;blocks<br>==6== \
&nbsp;&nbsp;&nbsp;total&nbsp;heap&nbsp;usage:&nbsp;56&nbsp;allocs,&nbsp;21&nbsp;frees, \
&nbsp;79,904&nbsp;bytes&nbsp;allocated<br>==6==<br>==6==&nbsp;Searching&nbsp;for&nbsp; \
pointers&nbsp;to&nbsp;35&nbsp;not-freed&nbsp;blocks<br>==6==&nbsp;Checked&nbsp;106,600 \
&nbsp;bytes<br>==6==<br>==6==&nbsp;LEAK&nbsp;SUMMARY:<br>==6==&nbsp;&nbsp;&nbsp;&nbsp; \
definitely&nbsp;lost:&nbsp;0&nbsp;bytes&nbsp;in&nbsp;0&nbsp;blocks<br>==6==&nbsp;&nbsp \
;&nbsp;&nbsp;indirectly&nbsp;lost:&nbsp;0&nbsp;bytes&nbsp;in&nbsp;0&nbsp;blocks<br>==6 \
==&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;possibly&nbsp;lost:&nbsp;0&nbsp;bytes&nbsp;in&nb \
sp;0&nbsp;blocks<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;still&nbsp;reachable:&nbsp;51,866&nbs \
p;bytes&nbsp;in&nbsp;35&nbsp;blocks<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \
&nbsp;&nbsp;suppressed:&nbsp;0&nbsp;bytes&nbsp;in&nbsp;0&nbsp;blocks<br>==6==&nbsp;Rer \
un&nbsp;with&nbsp;--leak-check=full&nbsp;to&nbsp;see&nbsp;details&nbsp;of&nbsp;leaked& \
nbsp;memory<br>==6==<br>==6==&nbsp;ERROR&nbsp;SUMMARY:&nbsp;3&nbsp;errors&nbsp;from&nb \
sp;3&nbsp;contexts&nbsp;(suppressed:&nbsp;0&nbsp;from&nbsp;0)<br>==6==<br>==6==&nbsp;1 \
&nbsp;errors&nbsp;in&nbsp;context&nbsp;1&nbsp;of&nbsp;3:<br>==6==&nbsp;Invalid&nbsp;re \
ad&nbsp;of&nbsp;size&nbsp;1<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;at&nbsp;0x4ED9570:&nbsp;__ \
strcmp_sse2_unaligned&nbsp;(strcmp-sse2-unaligned.S:24)<br>==6==&nbsp;&nbsp;&nbsp;&nbs \
p;by&nbsp;0x44CF30:&nbsp;compare_info_names&nbsp;(comp_captab.c:3393)<br>==6==&nbsp;&n \
bsp;&nbsp;&nbsp;by&nbsp;0x44F5ED:&nbsp;_nc_find_entry&nbsp;(comp_hash.c:70)<br>==6==&n \
bsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x42D90D:&nbsp;nametrans&nbsp;(dump_entry.c:174)<br>==6= \
=&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;put_translate&nbsp;(tic.c:339)<br>==6= \
=&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;main&nbsp;(tic.c:1033)<br>==6==&nbsp;& \
nbsp;Address&nbsp;0x0&nbsp;is&nbsp;not&nbsp;stack'd,&nbsp;malloc'd&nbsp;or&nbsp;(recen \
tly)&nbsp;free'd<br>==6==<br>==6==<br>==6==&nbsp;1&nbsp;errors&nbsp;in&nbsp;context&nb \
sp;2&nbsp;of&nbsp;3:<br>==6==&nbsp;Invalid&nbsp;read&nbsp;of&nbsp;size&nbsp;8<br>==6== \
&nbsp;&nbsp;&nbsp;&nbsp;at&nbsp;0x44F5E7:&nbsp;_nc_find_entry&nbsp;(comp_hash.c:70)<br \
>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x42D90D:&nbsp;nametrans&nbsp;(dump_entry.c:174) \
> <br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;put_translate&nbsp;(tic.c:33 \
> 9)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x40556F:&nbsp;main&nbsp;(tic.c:1033)<br> \
> ==6==&nbsp;&nbsp;Address&nbsp;0x524ac70&nbsp;is&nbsp;206,112&nbsp;bytes&nbsp;inside& \
> nbsp;an&nbsp;unallocated&nbsp;block&nbsp;of&nbsp;size&nbsp;4,110,480&nbsp;in&nbsp;ar \
> ena&nbsp;"client"<br>==6==<br>==6==<br>==6==&nbsp;1&nbsp;errors&nbsp;in&nbsp;context \
> &nbsp;3&nbsp;of&nbsp;3:<br>==6==&nbsp;Invalid&nbsp;read&nbsp;of&nbsp;size&nbsp;1<br> \
> ==6==&nbsp;&nbsp;&nbsp;&nbsp;at&nbsp;0x4409DC:&nbsp;one_one_mapping&nbsp;(dump_entry \
> .c:1399)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4409DC:&nbsp;purged_acs&nbsp;(dum \
> p_entry.c:1425)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4409DC:&nbsp;dump_entry&nb \
> sp;(dump_entry.c:1587)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4045BA:&nbsp;main&n \
> bsp;(tic.c:1039)<br>==6==&nbsp;&nbsp;Address&nbsp;0x520c54e&nbsp;is&nbsp;0&nbsp;byte \
> s&nbsp;after&nbsp;a&nbsp;block&nbsp;of&nbsp;size&nbsp;1,742&nbsp;alloc'd<br>==6==&nb \
> sp;&nbsp;&nbsp;&nbsp;at&nbsp;0x4C2DB8F:&nbsp;malloc&nbsp;(in&nbsp;/usr/lib/valgrind/ \
> vgpreload_memcheck-amd64-linux.so)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4F847F: \
> &nbsp;_nc_wrap_entry&nbsp;(alloc_entry.c:177)<br>==6==&nbsp;&nbsp;&nbsp;&nbsp;by&nbs \
> p;0x4BB4F5:&nbsp;_nc_parse_entry&nbsp;(parse_entry.c:601)<br>==6==&nbsp;&nbsp;&nbsp; \
> &nbsp;by&nbsp;0x4A892B:&nbsp;_nc_read_entry_source&nbsp;(comp_parse.c:225)<br>==6==& \
> nbsp;&nbsp;&nbsp;&nbsp;by&nbsp;0x4037C8:&nbsp;main&nbsp;(tic.c:961)<br>==6==<br>==6= \
> =&nbsp;ERROR&nbsp;SUMMARY:&nbsp;3&nbsp;errors&nbsp;from&nbsp;3&nbsp;contexts&nbsp;(s \
> uppressed:&nbsp;0&nbsp;from&nbsp;0)<br>/bin/bash:&nbsp;line&nbsp;1:&nbsp;&nbsp;&nbsp \
> ;&nbsp;&nbsp;6&nbsp;Segmentation&nbsp;fault&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;valgr \
> ind&nbsp;-v&nbsp;/tmp/noasan/infotocap&nbsp;fuzzpoc/infotocap_poc1<br></span></div>
</body></html>


[Attachment #6 (text/plain)]

_______________________________________________
Bug-ncurses mailing list
Bug-ncurses@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-ncurses


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic