How to interpret an unknown crash from ASAN

safdar . aneela1 Sun, 30 Dec 2018 21:47:35 -0800

Hi,

I am trying to find out Heartbleed bug from a vulnerable version of openssl 
and getting this output from ASAN,


==74031== ERROR: AddressSanitizer: unknown-crash on address 0x60820001220b 
at pc 0x7f8b608c53f7 bp 0x7ffff00b49d0 sp 0x7ffff00b4190
READ of size 32768 at 0x60820001220b thread T0
    #0 0x7f8b608c53f6 (/usr/lib/x86_64-linux-gnu/libasan.so.0.0.0+0xe3f6)
    #1 0x410dfd 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x410dfd)
    #2 0x495eb4 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x495eb4)
    #3 0x4998f3 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x4998f3)
    #4 0x46105d 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x46105d)
    #5 0x470193 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x470193)
    #6 0x40256e 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x40256e)
    #7 0x7f8b6030eec4 (/lib/x86_64-linux-gnu/libc-2.19.so+0x21ec4)
    #8 0x4029dc 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x4029dc)
0x608200016348 is located 0 bytes to the right of 16712-byte region 
[0x608200012200,0x608200016348)
allocated by thread T0 here:
    #0 0x7f8b608cc41a (/usr/lib/x86_64-linux-gnu/libasan.so.0.0.0+0x1541a)
    #1 0x4c3d76 
(/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/selftls+0x4c3d76)
Shadow bytes around the buggy address:
  0x0c10bfffa3f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa410: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa420: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa430: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c10bfffa440: 00[00]00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa450: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa460: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa470: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa490: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==74031== ABORTING


I dont know how to make sense of this output. Is this the output ASAN will 
give me or I am missing any parameter to set while compiling.

I have used afl-gcc to compile my program with AFL_USE_ASAN =1.

THanks.

-- 
You received this message because you are subscribed to the Google Groups 
"address-sanitizer" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to address-sanitizer+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

How to interpret an unknown crash from ASAN

Reply via email to