#2339 heap-buffer-overflow

None
closed-fixed
nobody
None
2020-12-07
2020-10-16
No

gnuplot 5.5 (last modified in 9.18) on CentOS Linux 7.7.1908

==13898== ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603e00000030 at pc 0x846264 bp 0x7ffcdeb00b60 sp 0x7ffcdeb00b50
READ of size 1 at 0x603e00000030 thread T0
#0 0x846263 (/root/bug_finder/target_program/asan_program/gnuplot+0x846263)
#1 0x843e85 (/root/bug_finder/target_program/asan_program/gnuplot+0x843e85)
#2 0x8abe38 (/root/bug_finder/target_program/asan_program/gnuplot+0x8abe38)
#3 0x8d8aa9 (/root/bug_finder/target_program/asan_program/gnuplot+0x8d8aa9)
#4 0x444d70 (/root/bug_finder/target_program/asan_program/gnuplot+0x444d70)
#5 0x59c4c8 (/root/bug_finder/target_program/asan_program/gnuplot+0x59c4c8)
#6 0x68cb95 (/root/bug_finder/target_program/asan_program/gnuplot+0x68cb95)
#7 0x463bc3 (/root/bug_finder/target_program/asan_program/gnuplot+0x463bc3)
#8 0x459f6c (/root/bug_finder/target_program/asan_program/gnuplot+0x459f6c)
#9 0x61b63b (/root/bug_finder/target_program/asan_program/gnuplot+0x61b63b)
#10 0x40772e (/root/bug_finder/target_program/asan_program/gnuplot+0x40772e)
#11 0x7f2e165e4554 (/usr/lib64/libc-2.17.so+0x22554)
#12 0x4084ec (/root/bug_finder/target_program/asan_program/gnuplot+0x4084ec)
0x603e00000030 is located 80 bytes to the left of 12480-byte region [0x603e00000080,0x603e00003140)
==13898== AddressSanitizer CHECK failed: ../../../../libsanitizer/asan/asan_thread_registry.cc:153 "((tid < n_threads_)) != (0)" (0x0, 0x0)
#0 0x7f2e17c72b9a (/usr/lib64/libasan.so.0.0.0+0x12b9a)
#1 0x7f2e17c79e03 (/usr/lib64/libasan.so.0.0.0+0x19e03)
#2 0x7f2e17c74358 (/usr/lib64/libasan.so.0.0.0+0x14358)
#3 0x7f2e17c779f1 (/usr/lib64/libasan.so.0.0.0+0x179f1)
#4 0x7f2e17c78be1 (/usr/lib64/libasan.so.0.0.0+0x18be1)
#5 0x7f2e17c72f22 (/usr/lib64/libasan.so.0.0.0+0x12f22)
#6 0x846263 (/root/bug_finder/target_program/asan_program/gnuplot+0x846263)
#7 0x843e85 (/root/bug_finder/target_program/asan_program/gnuplot+0x843e85)
#8 0x8abe38 (/root/bug_finder/target_program/asan_program/gnuplot+0x8abe38)
#9 0x8d8aa9 (/root/bug_finder/target_program/asan_program/gnuplot+0x8d8aa9)
#10 0x444d70 (/root/bug_finder/target_program/asan_program/gnuplot+0x444d70)
#11 0x59c4c8 (/root/bug_finder/target_program/asan_program/gnuplot+0x59c4c8)
#12 0x68cb95 (/root/bug_finder/target_program/asan_program/gnuplot+0x68cb95)
#13 0x463bc3 (/root/bug_finder/target_program/asan_program/gnuplot+0x463bc3)
#14 0x459f6c (/root/bug_finder/target_program/asan_program/gnuplot+0x459f6c)
#15 0x61b63b (/root/bug_finder/target_program/asan_program/gnuplot+0x61b63b)
#16 0x40772e (/root/bug_finder/target_program/asan_program/gnuplot+0x40772e)
#17 0x7f2e165e4554 (/usr/lib64/libc-2.17.so+0x22554)
#18 0x4084ec (/root/bug_finder/target_program/asan_program/gnuplot+0x4084ec)
1 Attachments

Discussion

  • liuchenyifan

    liuchenyifan - 2020-10-16
    • Attachments has changed:

    Diff:

    --- old
    +++ new
    @@ -0,0 +1 @@
    +bug14 (1.0 kB; application/octet-stream)
    
    • Group: -->
    • Priority: -->
     
  • Ethan Merritt

    Ethan Merritt - 2020-10-16

    Ignore mangled unicode escape sequence.

     

    Last edit: Ethan Merritt 2020-10-16
  • Ethan Merritt

    Ethan Merritt - 2020-10-16
    • status: open --> pending-fixed
     
  • Ethan Merritt

    Ethan Merritt - 2020-12-07
    • Status: pending-fixed --> closed-fixed
     
