PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify

bug-gnu-pspp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify_vars

From:	Andrea Fioraldi
Subject:	PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify_vars
Date:	Wed, 17 Jun 2020 03:52:57 -0400 (EDT)
User-agent:	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0

URL:
  <https://savannah.gnu.org/bugs/?58590>

                 Summary: Null pointer dereference in cmd_modify_vars
                 Project: PSPP
            Submitted by: andreafioraldi
            Submitted on: Wed 17 Jun 2020 07:52:55 AM UTC
                Category: Syntax Parser
                Severity: 5 - Average
                  Status: None
             Assigned to: None
             Open/Closed: Open
                 Release: None
         Discussion Lock: Any
                  Effort: 0.00

    _______________________________________________________

Details:

Another bug, a null ptr deref.

I'm on the last commit, 53d339111a9f51561cfccc65764874cdf54e501a


AddressSanitizer:DEADLYSIGNAL
=================================================================
==114844==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x0000006761aa bp 0x7fffffffdf50 sp 0x7fffffffdc60 T0)
==114844==The signal is caused by a READ memory access.
==114844==Hint: address points to the zero page.
    #0 0x6761aa in cmd_modify_vars
/home/andreaf/real/pspp/src/language/dictionary/modify-variables.c:365:11
    #1 0x4d048b in do_parse_command
/home/andreaf/real/pspp/src/language/command.c:233:16
    #2 0x4d048b in cmd_parse_in_state
/home/andreaf/real/pspp/src/language/command.c:148:12
    #3 0x4c9df6 in main /home/andreaf/real/pspp/src/ui/terminal/main.c:138:20
    #4 0x7ffff61a5b96 in __libc_start_main
/build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #5 0x421499 in _start (/home/andreaf/real/pspp/pspp_afl+0x421499)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/home/andreaf/real/pspp/src/language/dictionary/modify-variables.c:365:11 in
cmd_modify_vars
==114844==ABORTING




    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Wed 17 Jun 2020 07:52:55 AM UTC  Name: null_ptr_1  Size: 3KiB   By:
andreafioraldi
bug repro testcase
<http://savannah.gnu.org/bugs/download.php?file_id=49284>

    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?58590>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify_vars, Andrea Fioraldi <=
- Re: PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify_vars, John Darrington, 2020/06/17
- PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify_vars, John Darrington, 2020/06/20

Prev by Date: PSPP-BUG: [bug #58586] stack-buffer-overflow in lex_ellipsize__
Next by Date: PSPP-BUG: [bug #58591] Negative size to memmove
Previous by thread: PSPP-BUG: [bug #58586] stack-buffer-overflow in lex_ellipsize__
Next by thread: Re: PSPP-BUG: [bug #58590] Null pointer dereference in cmd_modify_vars
Index(es):
- Date
- Thread