Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2020/06/15 02:04:52 UTC

[GitHub] [incubator-nuttx] anchao opened a new pull request #1234: arch/stackframe: fix heap buffer overflow

anchao opened a new pull request #1234:
URL: https://github.com/apache/incubator-nuttx/pull/1234


   ## Summary
   arch/stackframe: fix heap buffer overflow
   
   ASAN trace:
   ...
   ==32087==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf4502120 at pc 0x56673ca3 bp 0xff9b6a08 sp 0xff9b69f8
   WRITE of size 1 at 0xf4502120 thread T0
       #0 0x56673ca2 in strcpy string/lib_strcpy.c:64
   
   0xf4502120 is located 0 bytes to the right of 8224-byte region [0xf4500100,0xf4502120)
   allocated by thread T0 here:
       #0 0xf7a60f54 in malloc (/usr/lib32/libasan.so.4+0xe5f54)
       #1 0x5667725d in up_create_stack sim/up_createstack.c:135
       #2 0x56657ed8 in nxthread_create task/task_create.c:125
       #3 0x566580bb in kthread_create task/task_create.c:297
       #4 0x5665935f in work_start_highpri wqueue/kwork_hpthread.c:149
       #5 0x56656f31 in nx_workqueues init/nx_bringup.c:181
       #6 0x56656fc6 in nx_bringup init/nx_bringup.c:436
       #7 0x56656e95 in nx_start init/nx_start.c:809
       #8 0x566548d4 in main sim/up_head.c:95
       #9 0xf763ae80 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x18e80)
   
   CALLSTACK:
       #8  0xf79de7a5 in __asan_report_store1 () from /usr/lib32/libasan.so.4
       #9  0x565fd4d7 in strcpy (dest=0xf4a02121 "", src=0xf5c00895 "k") at string/lib_strcpy.c:64
       #10 0x565e4eb2 in nxtask_setup_stackargs (tcb=0xf5c00810, argv=0x0) at task/task_setup.c:570
       #11 0x565e50ff in nxtask_setup_arguments (tcb=0xf5c00810, name=0x5679e580 "hpwork", argv=0x0) at task/task_setup.c:714
       #12 0x565e414e in nxthread_create (name=0x5679e580 "hpwork", ttype=2 '\002', priority=224, stack=0x0, stack_size=8192, entry=0x565e54e1 <work_hpthread>, argv=0x0) at task/task_create.c:143
       #13 0x565e42e3 in kthread_create (name=0x5679e580 "hpwork", priority=224, stack_size=8192, entry=0x565e54e1 <work_hpthread>, argv=0x0) at task/task_create.c:297
       #14 0x565e5557 in work_start_highpri () at wqueue/kwork_hpthread.c:149
       #15 0x565e3e32 in nx_workqueues () at init/nx_bringup.c:181
       #16 0x565e3ec7 in nx_bringup () at init/nx_bringup.c:436
       #17 0x565e3d96 in nx_start () at init/nx_start.c:809
       #18 0x565e3195 in main (argc=1, argv=0xffe6b954, envp=0xffe6b95c) at sim/up_head.c:95


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



[GitHub] [incubator-nuttx] patacongo merged pull request #1234: arch/stackframe: fix heap buffer overflow

Posted by GitBox <gi...@apache.org>.
patacongo merged pull request #1234:
URL: https://github.com/apache/incubator-nuttx/pull/1234


   

