
AddressSanitizer: global-buffer-overflow src/mondata.c:331 in dmgtype_fromattack

Status: Open. Soviet5lo opened this issue 2 years ago · 0 comments

==283543==ERROR: AddressSanitizer: global-buffer-overflow on address 0x555555e8c611 at pc 0x555555996e28 bp 0x7fffffffb150 sp 0x7fffffffb140
READ of size 1 at 0x555555e8c611 thread T0
    #0 0x555555996e27 in dmgtype_fromattack src/mondata.c:331
    #1 0x555555997a78 in dmgtype src/mondata.c:342
    #2 0x55555583af2b in edibility_prompts src/eat.c:2644
    #3 0x555555850ccd in doeat src/eat.c:2725
    #4 0x555555786d1c in rhack src/cmd.c:3814
    #5 0x55555571d176 in moveloop src/allmain.c:654
    #6 0x555555c264c5 in main sys/unix/unixmain.c:309
    #7 0x7ffff767528f  (/usr/lib/libc.so.6+0x2928f)
    #8 0x7ffff7675349 in __libc_start_main (/usr/lib/libc.so.6+0x29349)
    #9 0x555555718934 in _start (/home/soviet5lo/slashthem/slashthem-0.9.7/slashthem+0x1c4934)

Address 0x555555e8c611 is a wild pointer inside of access range of size 0x000000000001.
SUMMARY: AddressSanitizer: global-buffer-overflow src/mondata.c:331 in dmgtype_fromattack
Shadow bytes around the buggy address:
  0x0aab2abc9870: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
  0x0aab2abc9880: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
  0x0aab2abc9890: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
  0x0aab2abc98a0: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
  0x0aab2abc98b0: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
=>0x0aab2abc98c0: f9 f9[f9]f9 f9 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x0aab2abc98d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0aab2abc98e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0aab2abc98f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0aab2abc9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0aab2abc9910: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==283543==ABORTING

Soviet5lo, Jun 06 '22 20:06