[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bash segmentation fault in readline's update_line
|
From: |
Eduardo Bustamante |
|
Subject: |
Bash segmentation fault in readline's update_line |
|
Date: |
Fri, 12 May 2017 10:14:13 -0500 |
dualbus@debian:~/bash-fuzzing/read-readline$ base64 update_line 秧秧秧秧秧秧秧
MBs4MOenpzAwMDAwMDAwMBs4OOenpwESGQ==
Core was generated by `/home/dualbus/src/gnu/bash/bash -c read -e'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 __memcmp_sse4_1 () at ../sysdeps/x86_64/multiarch/memcmp-sse4.S:693
693 ../sysdeps/x86_64/multiarch/memcmp-sse4.S: No such file or directory.
(gdb) bt
#0 __memcmp_sse4_1 () at ../sysdeps/x86_64/multiarch/memcmp-sse4.S:693
#1 0x0000000000519270 in update_line (
old=0x143c0c7 '秧' <repeats 23 times>, "000000000", '秧' <repeats 39
times>, <incomplete sequence \347\247>...,
new=0x143b0c7 '秧' <repeats 23 times>, "000000000", '秧' <repeats 39
times>, <incomplete sequence \347\247>...,
current_line=1, omax=-42, nmax=-42, inv_botlin=5) at display.c:1609
#2 0x0000000000516b5a in rl_redisplay () at display.c:1121
#3 0x0000000000514f04 in rl_display_search (search_string=0x1439808
"0", '秧' <repeats 65 times>, <incomplete sequence \347>...,
flags=3, where=-1) at isearch.c:198
#4 0x0000000000514d52 in _rl_isearch_dispatch (cxt=0x1438508, c=25)
at isearch.c:718
#5 0x00000000005138c0 in rl_search_history (direction=-1,
invoking_key=18) at isearch.c:762
#6 0x000000000051381d in rl_reverse_search_history (sign=1, key=18)
at isearch.c:136
#7 0x00000000004fe8c7 in _rl_dispatch_subseq (key=18, map=0x772d90
<emacs_standard_keymap>, got_subseq=0) at readline.c:851
#8 0x00000000004fe269 in _rl_dispatch (key=18, map=0x772d90
<emacs_standard_keymap>) at readline.c:797
#9 0x00000000004fe1d9 in readline_internal_char () at readline.c:629
#10 0x00000000004ff7c2 in readline_internal_charloop () at readline.c:656
#11 0x00000000004fdb32 in readline_internal () at readline.c:670
#12 0x00000000004fd9f0 in readline (prompt=0x5513f9 "") at readline.c:374
#13 0x00000000004cd106 in edit_line (p=0x5513f9 "", itext=0x0) at
./read.def:1090
#14 0x00000000004cbc33 in read_builtin (list=0x0) at ./read.def:554
#15 0x000000000044efcf in execute_builtin (builtin=0x4cada0
<read_builtin>, words=0x13dc688, flags=64, subshell=0)
at execute_cmd.c:4605
#16 0x000000000044e400 in execute_builtin_or_function
(words=0x13dc688, builtin=0x4cada0 <read_builtin>, var=0x0,
redirects=0x0,
fds_to_close=0x13dbe08, flags=64) at execute_cmd.c:5103
#17 0x00000000004470b5 in execute_simple_command
(simple_command=0x13dbd88, pipe_in=-1, pipe_out=-1, async=0,
fds_to_close=0x13dbe08)
at execute_cmd.c:4391
#18 0x0000000000444b91 in execute_command_internal (command=0x13dbd48,
asynchronous=0, pipe_in=-1, pipe_out=-1,
fds_to_close=0x13dbe08) at execute_cmd.c:812
#19 0x00000000004c1ff7 in parse_and_execute (string=0x13c4268 "read
-e", from_file=0x535c9f "-c", flags=4) at evalstring.c:430
#20 0x00000000004271af in run_one_command (command=0x7ffc7981a719
"read -e") at shell.c:1405
#21 0x00000000004251fd in main (argc=3, argv=0x7ffc79818ea8,
env=0x7ffc79818ec8) at shell.c:718
(gdb) p old
$1 = 0x8880c7 '秧' <repeats 23 times>, "000000000", '秧' <repeats 39
times>, <incomplete sequence \347\247>...
(gdb) p new
$2 = 0x8870c7 '秧' <repeats 23 times>, "000000000", '秧' <repeats 39
times>, <incomplete sequence \347\247>...
(gdb) call strlen(old)
$3 = 859
(gdb) call strlen(new)
$4 = 859
(gdb) p temp
$5 = -42
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Bash segmentation fault in readline's update_line,
Eduardo Bustamante <=