We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The crash context
pwndbg> r Starting program: /home/xxx/workplace/sam2p/sam2p-0.49.4/sam2p ./heapoverflow.pbm xxx.eps This is sam2p 0.49.4. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. Program received signal SIGSEGV, Segmentation fault. 0x000000000040f80a in ?? () LEGEND: STACK | HEAP | CODE | DATA | RWX | RODATA ───────────────────────────────────────────────────────────────────────────────[ REGISTERS ]──────────────────────────────────────────────────────────────────────────────── RAX 0x3e5a0 RBX 0x0 RCX 0x1f2d00 RDX 0x3e5a1 RDI 0x0 RSI 0xffffffff R8 0xffffffff R9 0x0 R10 0x7fffffffd500 ◂— 0x0 R11 0x7ffff7a94120 (free) ◂— mov rax, qword ptr [rip + 0x33edc1] R12 0x666010 —▸ 0x447ed0 —▸ 0x42fb10 ◂— push r12 R13 0x669a60 —▸ 0x7ffff7dd37f8 (main_arena+152) —▸ 0x7ffff7dd37e8 (main_arena+136) —▸ 0x7ffff7dd37d8 (main_arena+120) —▸ 0x7ffff7dd37c8 (main_arena+104) ◂— ... R14 0x7ffef7a11010 ◂— 0xffffff0000000000 R15 0x694cd0 ◂— 0x37ffffffff RBP 0x0 RSP 0x7fffffffd7c0 —▸ 0x666010 —▸ 0x447ed0 —▸ 0x42fb10 ◂— push r12 RIP 0x40f80a ◂— movzx r9d, byte ptr [r13 + rax] ─────────────────────────────────────────────────────────────────────────────────[ DISASM ]───────────────────────────────────────────────────────────────────────────────── ► 0x40f80a movzx r9d, byte ptr [r13 + rax] 0x40f810 mov r8d, r9d 0x40f813 mov eax, ecx 0x40f815 add ecx, 1 0x40f818 not r8d 0x40f81b add r9d, r9d 0x40f81e sar r8b, 7 0x40f822 mov byte ptr [r14 + rax], r8b 0x40f826 mov r8d, dword ptr [r15] 0x40f829 cmp r8d, ecx 0x40f82c ja 0x40f800 ─────────────────────────────────────────────────────────────────────────────────[ STACK ]────────────────────────────────────────────────────────────────────────────────── 00:0000│ rsp 0x7fffffffd7c0 —▸ 0x666010 —▸ 0x447ed0 —▸ 0x42fb10 ◂— push r12 01:0008│ 0x7fffffffd7c8 ◂— 0x37006638c0 02:0010│ 0x7fffffffd7d0 —▸ 0x7fffffffddd0 ◂— 0x200000002 03:0018│ 0x7fffffffd7d8 —▸ 0x694cd0 ◂— 0x37ffffffff 04:0020│ 0x7fffffffd7e0 —▸ 0x7fffffffda60 ◂— 0xffffffff00000037 /* '7' */ 05:0028│ 0x7fffffffd7e8 —▸ 0x694d00 —▸ 0x666010 —▸ 0x447ed0 —▸ 0x42fb10 ◂— ... 06:0030│ 0x7fffffffd7f0 —▸ 0x666010 —▸ 0x447ed0 —▸ 0x42fb10 ◂— push r12 07:0038│ 0x7fffffffd7f8 —▸ 0x6638c0 —▸ 0x43e3eb ◂— push rax /* 'PNM' */ ───────────────────────────────────────────────────────────────────────────────[ BACKTRACE ]──────────────────────────────────────────────────────────────────────────────── ► f 0 40f80a f 1 40fd74 f 2 41001a f 3 42d1a8 f 4 401d61 f 5 40149d f 6 7ffff7a32f45 __libc_start_main+245 ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Program received signal SIGSEGV (fault address 0x6a8000) pwndbg>
Sorry I don't know how to compile a debug version.
r13 is a pointer of heap, and rax is too large, so lead to overflow
r13
rax
cmdline
/home/xxx/workplace/sam2p/sam2p-0.49.4/sam2p ./heapoverflow.pbm xxx.eps
poc:
https://github.com/hac425xxx/fuzzdata/blob/master/heapoverflow.pbm
The text was updated successfully, but these errors were encountered:
No branches or pull requests
The crash context
Sorry I don't know how to compile a debug version.
r13is a pointer of heap, andraxis too large, so lead to overflowcmdline
poc:
The text was updated successfully, but these errors were encountered: