[Bug 1942673] Re: glibc AddressSanitizer:DEADLYSIGNAL
Steve Beattie
1942673 at bugs.launchpad.net
Tue Sep 14 17:30:16 UTC 2021
** Information type changed from Private Security to Public Security
** Package changed: glibc (Ubuntu) => pcre2 (Ubuntu)
--
https://bugs.launchpad.net/bugs/1942673
Title:
glibc AddressSanitizer:DEADLYSIGNAL
Status in pcre2 package in Ubuntu:
New
Bug description:
Hello, I found a crash in glibc 2.31 when fuzzing libpcre2 in Ubuntu
20.04.2 LTS. The input file used to crash the program is attached.
The commands to reproduce:
--
sudo apt-get source -y libpcre2-dev
cd pcre2-10.34/
CFLAGS="-fsanitize=address -g" CXXFLAGS="-fsanitize=address -g" ./configure
make
cd .libs/
export LD_LIBRARY_PATH=`pwd`
cat /tmp/libc_0x1875df | ./pcre2test
--
Output from ASAN:
--
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2223969==ERROR: AddressSanitizer: SEGV on unknown address 0x629000010000 (pc 0x7ffff74015e0 bp 0x7fffffff7d70 sp 0x7fffffff74e8 T0)
==2223969==The signal is caused by a READ memory access.
#0 0x7ffff74015df (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
#1 0x7ffff75cef11 (/lib/x86_64-linux-gnu/libasan.so.5+0x4df11)
#2 0x7ffff753e1f0 in pcre2_match_8 src/pcre2_match.c:6754
#3 0x555555581d6f in process_data src/pcre2test.c:7539
#4 0x555555586ce8 in main src/pcre2test.c:9003
#5 0x7ffff72a10b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
#6 0x55555556a1ad in _start (/tmp/libpcre2-dev/asan/pcre2-10.34/.libs/pcre2test+0x161ad)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
--
Ubuntu versions and libc versions:
--
kurisu@ubuntu:/tmp/libpcre2-dev/asan/pcre2-10.34/.libs$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
kurisu@ubuntu:/tmp/libpcre2-dev/asan/pcre2-10.34/.libs$ /lib/x86_64-linux-gnu/libc.so.6
GNU C Library (Ubuntu GLIBC 2.31-0ubuntu9.2) stable release version 2.31.
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 9.3.0.
libc ABIs: UNIQUE IFUNC ABSOLUTE
For bug reporting instructions, please see:
<https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
--
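Added triage example (not part of the bug report or of the pcre2/glibc sources): the faulting pc is inside libc.so.6, but the package change recorded above (glibc => pcre2) is consistent with the first frame outside libc and the ASan runtime, which is pcre2_match_8. The sketch below parses the frames copied from the report and picks that frame; the RUNTIME module list and the function names are assumptions made for this illustration.

```python
import re

# Stack frames copied from the ASan report above.
TRACE = """\
#0 0x7ffff74015df (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
#1 0x7ffff75cef11 (/lib/x86_64-linux-gnu/libasan.so.5+0x4df11)
#2 0x7ffff753e1f0 in pcre2_match_8 src/pcre2_match.c:6754
#3 0x555555581d6f in process_data src/pcre2test.c:7539
#4 0x555555586ce8 in main src/pcre2test.c:9003
#5 0x7ffff72a10b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
#6 0x55555556a1ad in _start (/tmp/libpcre2-dev/asan/pcre2-10.34/.libs/pcre2test+0x161ad)
"""

# "#N 0xPC [in func] (module+0xoff)"  or  "#N 0xPC in func file:line"
FRAME = re.compile(
    r"#(?P<n>\d+)\s+0x[0-9a-f]+"
    r"(?:\s+in\s+(?P<func>\S+))?"
    r"(?:\s+\((?P<module>[^()+]+)\+0x[0-9a-f]+\)|\s+(?P<src>\S+:\d+))?"
)

# Assumption: modules with these name prefixes are runtime frames, not the
# caller that handed over the bad pointer or length.
RUNTIME = ("libc.so", "libasan.so", "ld-linux")

def parse(trace):
    """Turn ASan '#N ...' lines into dicts with n, func, module, src."""
    frames = []
    for line in trace.splitlines():
        m = FRAME.match(line.strip())
        if m:
            frames.append(m.groupdict())
    return frames

def is_runtime(frame):
    module = (frame["module"] or "").rsplit("/", 1)[-1]
    return module.startswith(RUNTIME)

def first_caller_frame(frames):
    """Innermost frame that is not in libc or the sanitizer runtime."""
    for f in frames:
        if not is_runtime(f):
            return f
    return None

if __name__ == "__main__":
    f = first_caller_frame(parse(TRACE))
    print(f"#{f['n']} {f['func']} at {f['src']}")
```

The selected frame is only a starting point for triage: it names the call site to inspect (src/pcre2_match.c:6754), not the root cause.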