bug#29564: Segmentation fault if print command is issued

From: Nils Bars
Subject: bug#29564: Segmentation fault if print command is issued
Date: Mon, 4 Dec 2017 12:49:48 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0


I found a bug while fuzzing parted. A test case that triggers the
segmentation fault is attached.

Is there any way for me to track the issue status on some sort of bug

- Trigger the bug
parted 'f01:id:000002,sig:11,src:000220,op:arith8,pos:2568,val:-33' print

- parted --version
parted (GNU parted) 3.2
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by

Program received signal SIGSEGV, Segmentation fault.
RAX: 0xd31bc09c
RBX: 0x7fffffffcd00 ("44444444\023")
RCX: 0x7ffff7bc5be0 --> 0x7707309600000000
RDX: 0x67 ('g')
RSI: 0x7fffffffcd13 ('4' <repeats 143 times>, ":", '4' <repeats 41 times>, "$", '4' <repeats 14 times>...)
RDI: 0x7ffffffff000
RBP: 0x13
RSP: 0x7fffffffc6c8 --> 0x7ffff7baff6a (cmp    DWORD PTR [rbx+0x10],eax)
RIP: 0x7ffff7bb58f8 (<__efi_crc32+24>:    movzx  edx,BYTE PTR [rdi])
R8 : 0x5555557cb040 --> 0x5555557cb470 --> 0x0
R9 : 0x555555790f70
R10: 0x7ffff74cdbe0 --> 0x0
R11: 0x0
R12: 0x10
R13: 0x555555791798 --> 0x555555769980 --> 0x0
R14: 0x7fffffffc6f0 --> 0x100000089
R15: 0x7fffffffcd00 ("44444444\023")
EFLAGS: 0x10283 (CARRY parity adjust zero SIGN trap INTERRUPT direction
   0x7ffff7bb58ec <__efi_crc32+12>:    add    rsi,rdi
   0x7ffff7bb58ef <__efi_crc32+15>:    mov    eax,edx
   0x7ffff7bb58f1 <__efi_crc32+17>:    nop    DWORD PTR [rax+0x0]
=> 0x7ffff7bb58f8 <__efi_crc32+24>:    movzx  edx,BYTE PTR [rdi]
   0x7ffff7bb58fb <__efi_crc32+27>:    add    rdi,0x1
   0x7ffff7bb58ff <__efi_crc32+31>:    xor    edx,eax
   0x7ffff7bb5901 <__efi_crc32+33>:    shr    eax,0x8
   0x7ffff7bb5904 <__efi_crc32+36>:    movzx  edx,dl
0000| 0x7fffffffc6c8 --> 0x7ffff7baff6a (cmp    DWORD PTR [rbx+0x10],eax)
0008| 0x7fffffffc6d0 --> 0x7fffffffcd00 ("44444444\023")
0016| 0x7fffffffc6d8 --> 0x7fffffffc900 ('a' <repeats 180 times>, "xaaaa]", 'a' <repeats 14 times>...)
0024| 0x7fffffffc6e0 --> 0x7fffffffd950 --> 0x7ffff7dd2530 --> 0x7ffff7dd23b0 --> 0x7ffff7dd23d0 --> 0x7ffff7dd23f0 (--> ...)
0032| 0x7fffffffc6e8 --> 0x7ffff7bb0100 (<nilfs2_probe+384>:    test  
0040| 0x7fffffffc6f0 --> 0x100000089
0048| 0x7fffffffc6f8 --> 0x555555776da0 --> 0x555555776dd8 ("INTERNAL")
0056| 0x7fffffffc700 --> 0x7fffffffd820 ('a' <repeats 22 times>, "@", 'a' <repeats 177 times>...)
Legend: code, data, rodata, value
Stopped reason: SIGSEGV
0x00007ffff7bb58f8 in __efi_crc32 () from /usr/lib/libparted.so.2

Attachment: f01:id:000002,sig:11,src:000220,op:arith8,pos:2568,val:-33
Description: Binary data
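Editor's note, not part of the report above: the attached file name follows the AFL crash-naming convention (id, sig, src, op, pos, val), so a triager can read off which deterministic mutation produced the input before opening it in gdb. The following Python is an added example (not parted's or the reporter's code) that decodes such a name. It assumes the leading "f01:" is a fuzzer-instance prefix added by the reporter's setup (AFL itself does not emit it), and it assumes 512-byte sectors when translating the mutated byte offset into a logical block; the report states neither.

```python
"""Decode an AFL crash/hang file name into the fields a triager wants.

AFL saves crashes as e.g.  id:000002,sig:11,src:000220,op:arith8,pos:2568,val:-33
  id   - sequential crash number
  sig  - signal that killed the target (absent for hangs)
  src  - queue entry (or entries, 'a+b' for splice) the input was derived from
  op   - mutation stage (flip1, arith8, int16, havoc, splice, ...)
  pos  - byte offset mutated by a deterministic stage
  val  - value used by the arith/interest stages
"""
import signal
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed from the attachment name in the report; 'f01:' is assumed to be
# an instance prefix added by the reporter's fuzzing setup.
REPORTED_NAME = "f01:id:000002,sig:11,src:000220,op:arith8,pos:2568,val:-33"


@dataclass
class AflCrashName:
    prefix: Optional[str]          # text before 'id:', e.g. 'f01' (assumed instance tag)
    crash_id: int
    signal: Optional[int]          # None for hangs/timeouts
    src: List[int]                 # parent queue entries
    op: Optional[str]
    pos: Optional[int]
    val: Optional[int]
    extra: Dict[str, str] = field(default_factory=dict)  # rep:, orig:, ...


def parse_afl_name(name: str) -> AflCrashName:
    """Parse an AFL file name (optionally with a leading instance prefix)."""
    name = name.rsplit("/", 1)[-1]           # tolerate a full path
    fields = name.split(",")
    prefix = None
    idx = fields[0].find("id:")
    if idx > 0:                              # something precedes the 'id:' field
        prefix, fields[0] = fields[0][:idx].rstrip(":"), fields[0][idx:]
    kv: Dict[str, str] = {}
    for f in fields:
        k, _, v = f.partition(":")
        kv[k] = v
    if "id" not in kv:
        raise ValueError(f"not an AFL file name: {name!r}")
    known = {"id", "sig", "src", "op", "pos", "val"}
    return AflCrashName(
        prefix=prefix,
        crash_id=int(kv["id"]),
        signal=int(kv["sig"]) if "sig" in kv else None,
        src=[int(s) for s in kv["src"].split("+")] if "src" in kv else [],
        op=kv.get("op"),
        pos=int(kv["pos"]) if "pos" in kv else None,
        val=int(kv["val"]) if "val" in kv else None,
        extra={k: v for k, v in kv.items() if k not in known},
    )


def signal_name(sig: Optional[int]) -> str:
    """Numeric signal to name; 11 is SIGSEGV on Linux."""
    if sig is None:
        return "none (hang/timeout)"
    try:
        return signal.Signals(sig).name
    except ValueError:
        return f"signal {sig}"


def pos_to_sector(pos: int, sector_size: int = 512) -> Tuple[int, int]:
    """Mutated byte offset -> (logical block, offset within block).

    512-byte sectors are an assumption; parted takes the sector size from the
    device and the report does not state it.
    """
    return divmod(pos, sector_size)


def describe(name: str) -> str:
    """Human-readable triage summary of one AFL file name."""
    c = parse_afl_name(name)
    lines = [
        f"crash #{c.crash_id}" + (f" from instance {c.prefix}" if c.prefix else ""),
        f"  signal : {signal_name(c.signal)}",
        f"  parent : queue entries {', '.join(map(str, c.src)) or '?'}",
        f"  stage  : {c.op}",
    ]
    if c.pos is not None:
        lba, off = pos_to_sector(c.pos)
        lines.append(f"  byte   : offset {c.pos} (0x{c.pos:x}) = LBA {lba} + {off} "
                     f"(assuming 512-byte sectors)")
    if c.val is not None:
        lines.append(f"  value  : {c.val:+d}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(describe(REPORTED_NAME))
```

For the reported name this yields crash #2 from instance f01, SIGSEGV, derived from queue entry 220 by an 8-bit arithmetic mutation of byte 2568 (LBA 5 + 8 under the 512-byte assumption) with value -33, which tells a triager to diff the attachment against queue entry 000220 at that single byte before stepping through __efi_crc32.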

