Comments (7)
Vuln-2
Version
Compile
CFLAGS="-g -fsanitize=address" make
ASAN Report
root@9dc6ce043bcb:~/Ablation/wac-asan# ./wace ../wasm-fuzz/fuzz_out_wac/crashes/id\:000001\,sig\:11\,src\:000236\,op\:python\,pos\:0
=================================================================
==2258725==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf28ee774 at pc 0x566038d5 bp 0xffa93578 sp 0xffa93568
READ of size 12 at 0xf28ee774 thread T0
#0 0x566038d4 in interpret /root/Ablation/wac-asan/wa.c:860
#1 0x56613459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x566150e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf742aed4 in __libc_start_main ../csu/libc-start.c:308
#4 0x565f8704 in _start (/root/Ablation/wac-asan/wace+0x3704)
0xf28ee774 is located 140 bytes to the left of 1114228-byte region [0xf28ee800,0xf29fe874)
allocated by thread T0 here:
#0 0xf7a7d9f7 in __interceptor_calloc ../../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
#1 0x56614299 in acalloc /root/Ablation/wac-asan/platform_libc.c:16
#2 0x5660e2ee in load_module /root/Ablation/wac-asan/wa.c:1455
#3 0x566150e9 in main /root/Ablation/wac-asan/wace.c:64
#4 0xf742aed4 in __libc_start_main ../csu/libc-start.c:308
Reproduce
./wace <PoC>
PoC
Version
Compile
CFLAGS="-g -fsanitize=address" make
ASAN report
==12882==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf27ee7b4 at pc 0x5657ee92 bp 0xfffbf918 sp 0xfffbf908
READ of size 4 at 0xf27ee7b4 thread T0
#0 0x5657ee91 in interpret /root/Ablation/wac-asan/wa.c:1380
#1 0x56585459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x565870e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf7381ed4 in __libc_start_main ../csu/libc-start.c:308
#4 0x5656a704 in _start (/root/Ablation/wac-asan/wace+0x3704)
0xf27ee7b4 is located 76 bytes to the left of 1114228-byte region [0xf27ee800,0xf28fe874)
allocated by thread T0 here:
#0 0xf79d49f7 in __interceptor_calloc ../../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
#1 0x56586299 in acalloc /root/Ablation/wac-asan/platform_libc.c:16
#2 0x565802ee in load_module /root/Ablation/wac-asan/wa.c:1455
#3 0x565870e9 in main /root/Ablation/wac-asan/wace.c:64
#4 0xf7381ed4 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-buffer-overflow /root/Ablation/wac-asan/wa.c:1380 in interpret
Reproduce
Version
Compile
CFLAGS="-g -fsanitize=address" make
ASAN report
=================================================================
==15707==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf214f064 at pc 0x5661314a bp 0xffc7e398 sp 0xffc7e388
READ of size 4 at 0xf214f064 thread T0
#0 0x56613149 in interpret /root/Ablation/wac-asan/wa.c:706
#1 0x56624459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x566260e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf7425ed4 in __libc_start_main ../csu/libc-start.c:308
#4 0x56609704 in _start (/root/Ablation/wac-asan/wace+0x3704)
Address 0xf214f064 is a wild pointer.
SUMMARY: AddressSanitizer: heap-buffer-overflow /root/Ablation/wac-asan/wa.c:706 in interpret
Reproduce
Version
Compile
CFLAGS="-g -fsanitize=address" make
ASAN report
root@9dc6ce043bcb:~/Ablation/wasm-fuzz/fuzz_out_wac/crashes# ./wace id:000070,sig:11,src:000820,op:python,pos:0
=================================================================
==17247==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf3c004ee at pc 0x566333bc bp 0xffea6808 sp 0xffea67f8
READ of size 8 at 0xf3c004ee thread T0
#0 0x566333bb in interpret /root/Ablation/wac-asan/wa.c:925
#1 0x56642459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x566440e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf7461ed4 in __libc_start_main ../csu/libc-start.c:308
#4 0x56627704 in _start (/root/Ablation/wac-asan/wace+0x3704)
0xf3c004ee is located 2 bytes to the left of 4-byte region [0xf3c004f0,0xf3c004f4)
allocated by thread T0 here:
#0 0xf7ab49f7 in __interceptor_calloc ../../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
#1 0x56643299 in acalloc /root/Ablation/wac-asan/platform_libc.c:16
#2 0x5663dda6 in load_module /root/Ablation/wac-asan/wa.c:1515
#3 0x566440e9 in main /root/Ablation/wac-asan/wace.c:64
#4 0xf7461ed4 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-buffer-overflow /root/Ablation/wac-asan/wa.c:925 in interpret
Reproduce
ASAN report
=================================================================
==22338==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf27ee798 at pc 0x5657218c bp 0xffdd4718 sp 0xffdd4708
READ of size 12 at 0xf27ee798 thread T0
#0 0x5657218b in interpret /root/Ablation/wac-asan/wa.c:832
#1 0x56582459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x565840e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf73bced4 in __libc_start_main ../csu/libc-start.c:308
#4 0x56567704 in _start (/root/Ablation/wac-asan/wace+0x3704)
0xf27ee798 is located 104 bytes to the left of 1114228-byte region [0xf27ee800,0xf28fe874)
allocated by thread T0 here:
#0 0xf7a0f9f7 in __interceptor_calloc ../../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
#1 0x56583299 in acalloc /root/Ablation/wac-asan/platform_libc.c:16
#2 0x5657d2ee in load_module /root/Ablation/wac-asan/wa.c:1455
#3 0x565840e9 in main /root/Ablation/wac-asan/wace.c:64
#4 0xf73bced4 in __libc_start_main ../csu/libc-start.c:308
Reproduce
ASAN report
==23102==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf28ee574 at pc 0x5659d10e bp 0xff9a2ac8 sp 0xff9a2ab8
READ of size 4 at 0xf28ee574 thread T0
#0 0x5659d10d in interpret /root/Ablation/wac-asan/wa.c:1168
#1 0x565a7459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x565a90e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf740ced4 in __libc_start_main ../csu/libc-start.c:308
#4 0x5658c704 in _start (/root/Ablation/wac-asan/wace+0x3704)
0xf28ee574 is located 652 bytes to the left of 1114228-byte region [0xf28ee800,0xf29fe874)
allocated by thread T0 here:
#0 0xf7a5f9f7 in __interceptor_calloc ../../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
#1 0x565a8299 in acalloc /root/Ablation/wac-asan/platform_libc.c:16
#2 0x565a22ee in load_module /root/Ablation/wac-asan/wa.c:1455
#3 0x565a90e9 in main /root/Ablation/wac-asan/wace.c:64
#4 0xf740ced4 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-buffer-overflow /root/Ablation/wac-asan/wa.c:1168 in interpret
Reproduce
ASAN report
=================================================================
==25147==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf3b00493 at pc 0x565de1e5 bp 0xffa4f628 sp 0xffa4f618
READ of size 2 at 0xf3b00493 thread T0
#0 0x565de1e4 in interpret /root/Ablation/wac-asan/wa.c:947
#1 0x565ec459 in load_module /root/Ablation/wac-asan/wa.c:1911
#2 0x565ee0e9 in main /root/Ablation/wac-asan/wace.c:64
#3 0xf737fed4 in __libc_start_main ../csu/libc-start.c:308
#4 0x565d1704 in _start (/root/Ablation/wac-asan/wace+0x3704)
0xf3b00494 is located 0 bytes to the right of 4-byte region [0xf3b00490,0xf3b00494)
allocated by thread T0 here:
#0 0xf79d29f7 in __interceptor_calloc ../../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
#1 0x565ed299 in acalloc /root/Ablation/wac-asan/platform_libc.c:16
#2 0x565ea0f7 in load_module /root/Ablation/wac-asan/wa.c:1694
#3 0x565ee0e9 in main /root/Ablation/wac-asan/wace.c:64
#4 0xf737fed4 in __libc_start_main ../csu/libc-start.c:308
Reproduce