[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
asan report in bash_add_history
From: |
Grisha Levit |
Subject: |
asan report in bash_add_history |
Date: |
Tue, 7 Mar 2023 11:56:29 -0500 |
./bash --norc -in <<<$'\\\n.'
bashhist.c:899:8: runtime error: addition of unsigned offset to
0x00010700d190 overflowed to 0x00010700d18f
ERROR: AddressSanitizer: heap-buffer-overflow on address
0x00010700d18f at pc 0x0001045fe1b8 bp 0x00016bb1f350 sp
0x00016bb1f348
READ of size 1 at 0x00010700d18f thread T0
frame #5: 0x00000001045fe1b8 bash`bash_add_history(line=".") at
bashhist.c:899:8
frame #6: 0x00000001045fd0c8 bash`maybe_add_history(line=".") at
bashhist.c:759:2
frame #7: 0x00000001045fca34 bash`pre_process_line(line=".",
print_changes=1, addit=1) at bashhist.c:628:5
frame #8: 0x000000010432df50
bash`shell_getc(remove_quoted_newline=1) at parse.y:2508:17
frame #9: 0x000000010432786c bash`read_token(command=0) at parse.y:3432:23
(lldb) fr s 5
frame #5: 0x00000001045fe1b8 bash`bash_add_history(line=".") at bashhist.c:899:8
896 curlen = strlen (current->line);
897
898 if (dstack.delimiter_depth == 0 && current->line[curlen - 1] == '\\' &&
-> 899 current->line[curlen - 2] != '\\')
900 {
901 current->line[curlen - 1] = '\0';
902 curlen--;
(lldb) fr v current->line curlen
(char *) current->line = 0x000000010700d190 "\\"
(size_t) curlen = 1
- asan report in bash_add_history,
Grisha Levit <=