Description
================================================================= ==28765==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60400000d3cf at pc 0x7f7864e3ba81 bp 0x7ffe4f0bdcb0 sp 0x7ffe4f0bd428 READ of size 10 at 0x60400000d3cf thread T0 #0 0x7f7864e3ba80 (/lib64/libasan.so.3+0x8ea80) #1 0x7f7864e3dced in __interceptor_vsnprintf (/lib64/libasan.so.3+0x90ced) #2 0x426c55 in Error(char const*, ...) test/print_funcs.cc:48 #3 0x41ccbc in EsiParser::_parse(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int&, EsiLib::DocNodeList&, bool) const lib/EsiParser.cc:350 #4 0x41d586 in EsiParser::_completeParse(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&, int&, unsigned long&, EsiLib::DocNodeList&, char const*, int) const lib/EsiParser.cc:117 #5 0x41d9b2 in EsiParser::parse(EsiLib::DocNodeList&, char const*, int) const lib/EsiParser.cc:636 #6 0x40944d in main test/parser_test.cc:1029 #7 0x7f7863259730 in __libc_start_main (/lib64/libc.so.6+0x20730) #8 0x4143b8 in _start (/home/bcall/dev/apache/trafficserver/plugins/esi/parser_test+0x4143b8) 0x60400000d3cf is located 1 bytes to the left of 37-byte region [0x60400000d3d0,0x60400000d3f5) allocated by thread T0 here: #0 0x7f7864e74ea0 in operator new(unsigned long) (/lib64/libasan.so.3+0xc7ea0) #1 0x7f7863c3ebf8 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_mutate(unsigned long, unsigned long, char const*, unsigned long) (/lib64/libstdc++.so.6+0x123bf8) SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib64/libasan.so.3+0x8ea80) Shadow bytes around the buggy address: 0x0c087fff9a20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c087fff9a30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c087fff9a40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c087fff9a50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c087fff9a60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa =>0x0c087fff9a70: fa fa fa fa fa fa fa fa fa[fa]00 00 00 00 05 fa 0x0c087fff9a80: fa fa fd fd fd fd fd fa fa fa 00 00 00 00 00 00 0x0c087fff9a90: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd 0x0c087fff9aa0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd 0x0c087fff9ab0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd 0x0c087fff9ac0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==28765==ABORTING
Attachments
Issue Links
Activity
Bryan Call
created issue -
Bryan Call
made changes -
Field | Original Value | New Value |
---|---|---|
Assignee | Bryan Call [ bcall ] |
Bryan Call
made changes -
Summary | Buffer overflow in esi parser_test | Buffer overflow in esi plugin |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] |
ASF GitHub Bot
logged work - 18/Oct/16 20:08
-
- Time Spent:
- 10m
-
GitHub user bryancall opened a pull request:
https://github.com/apache/trafficserver/pull/1121
TS-4983: Buffer overflow in esi plugin
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/bryancall/trafficserverTS-4983
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafficserver/pull/1121.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1121
----
commit 7bc5190d79f8a05502936e11e175a949fdd2dea0
Author: Bryan Call <bcall@apache.org>
Date: 2016-10-18T20:07:51Z
TS-4983: Buffer overflow in esi plugin
----
ASF GitHub Bot
made changes -
Worklog Id | 30840 [ 30840 ] | |
Remaining Estimate | 0h [ 0 ] | |
Time Spent | 10m [ 600 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] |
ASF GitHub Bot
logged work - 18/Oct/16 20:12
-
- Time Spent:
- 10m
-
Github user bryancall closed the pull request at:
https://github.com/apache/trafficserver/pull/1121
ASF GitHub Bot
made changes -
Worklog Id | 30842 [ 30842 ] | |
Time Spent | 10m [ 600 ] | 20m [ 1200 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] |
ASF GitHub Bot
logged work - 18/Oct/16 20:21
-
- Time Spent:
- 10m
-
Github user atsci commented on the issue:
https://github.com/apache/trafficserver/pull/1121
FreeBSD build *successful*! See https://ci.trafficserver.apache.org/job/Github-FreeBSD/1049/ for details.
ASF GitHub Bot
made changes -
Worklog Id | 30846 [ 30846 ] | |
Time Spent | 20m [ 1200 ] | 0.5h [ 1800 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] | This issue links to "GitHub Pull Request #1121 (Web Link)" [ 59078 ] |
ASF GitHub Bot
logged work - 18/Oct/16 20:24
-
- Time Spent:
- 10m
-
Github user atsci commented on the issue:
https://github.com/apache/trafficserver/pull/1121
Linux build *successful*! See https://ci.trafficserver.apache.org/job/Github-Linux/941/ for details.
ASF GitHub Bot
made changes -
Worklog Id | 30848 [ 30848 ] | |
Time Spent | 0.5h [ 1800 ] | 40m [ 2400 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] |
ASF GitHub Bot
logged work - 18/Oct/16 21:05
-
- Time Spent:
- 10m
-
GitHub user bryancall opened a pull request:
https://github.com/apache/trafficserver/pull/1122
TS-4983: Buffer overflow in esi plugin
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/bryancall/trafficserverTS-4983_2
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafficserver/pull/1122.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1122
----
commit 178b15bc5fb455ed91152d44df6f09757a4c4467
Author: Bryan Call <bcall@apache.org>
Date: 2016-10-18T20:36:31Z
TS-4983: Buffer overflow in esi plugin
----
ASF GitHub Bot
made changes -
Worklog Id | 30851 [ 30851 ] | |
Time Spent | 40m [ 2400 ] | 50m [ 3000 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] |
ASF GitHub Bot
logged work - 18/Oct/16 21:15
-
- Time Spent:
- 10m
-
Github user shukitchan commented on the issue:
https://github.com/apache/trafficserver/pull/1122
đź‘Ť
looks good. data_ptr is simply (and redundantly) for reporting error. And we don't actually need it.
ASF GitHub Bot
made changes -
Worklog Id | 30855 [ 30855 ] | |
Time Spent | 50m [ 3000 ] | 1h [ 3600 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] |
ASF GitHub Bot
logged work - 18/Oct/16 21:16
-
- Time Spent:
- 10m
-
Github user atsci commented on the issue:
https://github.com/apache/trafficserver/pull/1122
FreeBSD build *successful*! See https://ci.trafficserver.apache.org/job/Github-FreeBSD/1051/ for details.
ASF GitHub Bot
made changes -
Worklog Id | 30856 [ 30856 ] | |
Time Spent | 1h [ 3600 ] | 1h 10m [ 4200 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] |
ASF GitHub Bot
logged work - 18/Oct/16 21:19
-
- Time Spent:
- 10m
-
Github user atsci commented on the issue:
https://github.com/apache/trafficserver/pull/1122
Linux build *successful*! See https://ci.trafficserver.apache.org/job/Github-Linux/943/ for details.
ASF GitHub Bot
made changes -
Worklog Id | 30857 [ 30857 ] | |
Time Spent | 1h 10m [ 4200 ] | 1h 20m [ 4800 ] |
ASF GitHub Bot
made changes -
Remote Link | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] | This issue links to "GitHub Pull Request #1122 (Web Link)" [ 59085 ] |
ASF GitHub Bot
logged work - 18/Oct/16 21:26
-
- Time Spent:
- 10m
-
Github user bryancall closed the pull request at:
https://github.com/apache/trafficserver/pull/1122
ASF GitHub Bot
made changes -
Worklog Id | 30858 [ 30858 ] | |
Time Spent | 1h 20m [ 4800 ] | 1.5h [ 5400 ] |
Bryan Call
made changes -
Fix Version/s | 7.1.0 [ 12337879 ] | |
Resolution | Fixed [ 1 ] | |
Status | Open [ 1 ] | Resolved [ 5 ] |