Comments (1)
schwehr
commented on July 29, 2024
More direct testing to demonstrate the buffer overflow:
TEST(MbGetTime, AsanFailure) {
double t = -1.0;
int time[7] = {0, 0, 0, 0, 0, 0, 0};
EXPECT_EQ(MB_FAILURE, mb_get_time(0, time, &t));
}
TEST(MbGetTime, AsanFailureNegative) {
double t = -1.0;
int time[7] = {-1, -1, -1, -1, -1, -1, -1};
EXPECT_EQ(MB_FAILURE, mb_get_time(0, time, &t));
}dbg2 MBIO function <mb_get_time> called
dbg2 Input arguments:
dbg2 verbose: 0
dbg2 year: 0
dbg2 month: 0
dbg2 day: 0
dbg2 hour: 0
dbg2 minute: 0
dbg2 second: 0
dbg2 microsec:0
dbg2 time_d: 0x7f2196462a20
dbg2 *time_d: -1.000000
=================================================================
==7072==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f21a143e17c at pc 0x7f21a173ac3d bp 0x7ffd8515cb60 sp 0x7ffd8515cb58
READ of size 4 at 0x7f21a143e17c thread T0
#0 0x7f21a173ac3c in mb_get_time third_party/mbsystem/mbio/mb_time.c:58:16
#1 0x7f21a260cb4d in (anonymous namespace)::MbGetTime_AsanFailure_Test::TestBody() third_party/mbsystem/test/mbio/mb_time_test.cc:87:3
0x7f21a143e17c is located 4 bytes to the left of global variable 'yday' defined in 'third_party/mbsystem/mbio/mb_time.c:30:18' (0x7f21a143e180) of size 48
0x7f21a143e17c is located 36 bytes to the right of global variable '<string literal>' defined in 'third_party/mbsystem/mbio/mb_time.c:49:19' (0x7f21a143e140) of size 24
'<string literal>' is ascii string 'dbg2 *time_d: %f
'
SUMMARY: AddressSanitizer: global-buffer-overflow third_party/mbsystem/mbio/mb_time.c:58:16 in mb_get_time
Shadow bytes around the buggy address:
0x0fe4b427fbd0: 00 04 f9 f9 f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9
0x0fe4b427fbe0: 00 00 00 f9 f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9
0x0fe4b427fbf0: 00 00 00 f9 f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9
0x0fe4b427fc00: 00 00 00 f9 f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9
0x0fe4b427fc10: 00 00 00 f9 f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9
=>0x0fe4b427fc20: 00 00 00 f9 f9 f9 f9 f9 00 00 00 f9 f9 f9 f9[f9]
0x0fe4b427fc30: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00
0x0fe4b427fc40: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 05 f9
0x0fe4b427fc50: f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9 00 00 06 f9
0x0fe4b427fc60: f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9 00 04 f9 f9
0x0fe4b427fc70: f9 f9 f9 f9 00 00 00 00 00 00 00 07 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
from mb-system.
Related Issues (20)
- Problem compiling Pre-release 5.7.6beta38 HOT 3
- Data corruption while reading Kmall data with version 0 #MWC datagrams HOT 4
- Format of gridded data
- MB System installation on Mac OS Big Sur HOT 3
- configure and build mb-stystem on headless server with no X dependencies HOT 3
- mb_rt raytrace trajectory HOT 3
- Time conversion issue
- Raytracing integrated range
- s7k datafile with 1024 beams HOT 2
- Problem compiling MB-System: fatal error: gmt_common_byteswap.h: No such file or directory HOT 8
- Add mbgrd2gltf standalone program HOT 5
- configuere error on linux (ubuntu) can't find tirpc/rpc/types.h HOT 22
- Unable to apply time latency to kmall/mb261 survey data with mbpreprocess HOT 6
- 5.7.9 (beta) and Debian 11 HOT 1
- MB-System PDAL - mbio (ro) driver update
- Cannot install MB-System using home-brew HOT 2
- Provide a way to change altitude when running mbgrid.
- MBedit and MBvelocitytool GUI can't open in WSL 2 using Ubuntu 22.04 HOT 2
- Add Draco compression to mbgrd2gltf HOT 7
- Problems if folder name contains space
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mb-system.