[Bug 1942673] Re: glibc AddressSanitizer:DEADLYSIGNAL
Seth Arnold
1942673 at bugs.launchpad.net
Tue Sep 14 18:06:17 UTC 2021
Hello, thanks for reporting this to us.
Fuzzers are fantastic tools but getting good results from them is
difficult: they do not actually point out 'the flaw', it still requires
significant investigation of the process state to determine what
internal inconsistency has been exposed, before fixing the flaw. This
investigation and fixing is best carried out together with upstream
software authors, who (reasonably enough) usually want to work with the
newest version of their software, or a development version of their
software.
So, to get the most value from your fuzzing efforts, please:
- fuzz either the most recent release, or development versions, depending upon the project.
- coordinate fuzzing efforts with the project, to find interfaces that need fuzzing and interfaces that do not need fuzzing.
- minimize the test cases, to simplify root-cause analysis.
- prepare a patch; even if not accepted by upstream developers, a patch that addresses a problem often helps narrow down what needs fixing.
- report results directly to upstream developers, in whatever manner they prefer.
Please also consider submitting test harnesses to upstream developers to
use Google's oss-fuzz project, https://google.github.io/oss-fuzz/ which
will run fuzzers on projects using Google's resources, for free. Many
projects could benefit from this service but may not have the time to
learn how to do this themselves.
Thanks
https://bugs.launchpad.net/bugs/1942673
Title:
glibc AddressSanitizer:DEADLYSIGNAL
Status in pcre2 package in Ubuntu:
New
Bug description:
Hello, I found a crash in glibc 2.31 when fuzzing libpcre2 in Ubuntu
20.04.2 LTS. The input file used to crash the program is attached.
The commands to reproduce:
--
sudo apt-get source -y libpcre2-dev
cd pcre2-10.34/
CFLAGS="-fsanitize=address -g" CXXFLAGS="-fsanitize=address -g" ./configure
make
cd .libs/
export LD_LIBRARY_PATH=`pwd`
cat /tmp/libc_0x1875df | ./pcre2test
--
Output from ASAN:
--
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2223969==ERROR: AddressSanitizer: SEGV on unknown address 0x629000010000 (pc 0x7ffff74015e0 bp 0x7fffffff7d70 sp 0x7fffffff74e8 T0)
==2223969==The signal is caused by a READ memory access.
#0 0x7ffff74015df (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
#1 0x7ffff75cef11 (/lib/x86_64-linux-gnu/libasan.so.5+0x4df11)
#2 0x7ffff753e1f0 in pcre2_match_8 src/pcre2_match.c:6754
#3 0x555555581d6f in process_data src/pcre2test.c:7539
#4 0x555555586ce8 in main src/pcre2test.c:9003
#5 0x7ffff72a10b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
#6 0x55555556a1ad in _start (/tmp/libpcre2-dev/asan/pcre2-10.34/.libs/pcre2test+0x161ad)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
--
Ubuntu versions and libc versions:
--
kurisu at ubuntu:/tmp/libpcre2-dev/asan/pcre2-10.34/.libs$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
kurisu at ubuntu:/tmp/libpcre2-dev/asan/pcre2-10.34/.libs$ /lib/x86_64-linux-gnu/libc.so.6
GNU C Library (Ubuntu GLIBC 2.31-0ubuntu9.2) stable release version 2.31.
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 9.3.0.
libc ABIs: UNIQUE IFUNC ABSOLUTE
For bug reporting instructions, please see:
<https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
--
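A triage helper for the ASAN report quoted in the bug description above, added here as an example and not code from pcre2, glibc or the reporter: it parses the DEADLYSIGNAL output into a deduplication key built from the fault kind, the access type and the first frame ASAN could symbolize to file:line, which is the frame a fuzzing campaign should minimize against and report upstream, as the reply recommends. The report text is copied from the bug, trimmed to the frames that matter; the function and dictionary names are this example's own.

```python
"""Triage an AddressSanitizer DEADLYSIGNAL report into a deduplication key.
Added example for this bug thread; not code from pcre2, glibc or the reporter."""
import re

# Copied from the ASAN output in the bug description above, trimmed to four frames.
SAMPLE = """\
==2223969==ERROR: AddressSanitizer: SEGV on unknown address 0x629000010000 (pc 0x7ffff74015e0 bp 0x7fffffff7d70 sp 0x7fffffff74e8 T0)
==2223969==The signal is caused by a READ memory access.
    #0 0x7ffff74015df  (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
    #1 0x7ffff75cef11  (/lib/x86_64-linux-gnu/libasan.so.5+0x4df11)
    #2 0x7ffff753e1f0 in pcre2_match_8 src/pcre2_match.c:6754
    #3 0x555555581d6f in process_data src/pcre2test.c:7539
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x1875df)
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (\w+) on unknown address (0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"caused by a (READ|WRITE) memory access")
# "#N 0xADDR in func file:line" or, when unsymbolized, "#N 0xADDR (module+off)"
FRAME_RE = re.compile(r"#\d+\s+0x[0-9a-f]+(?:\s+in\s+(\S+))?\s+(\S.*)")
SRC_LOC_RE = re.compile(r"^(\S+\.[ch]\w*):(\d+)$")

def parse_asan(text):
    """Return {'kind','address','access','frames'}; frames are (function or None, location)."""
    crash = {"kind": None, "address": None, "access": None, "frames": []}
    for line in text.splitlines():
        if m := ERROR_RE.search(line):
            crash["kind"], crash["address"] = m.group(1), int(m.group(2), 16)
        elif m := ACCESS_RE.search(line):
            crash["access"] = m.group(1)
        elif m := FRAME_RE.search(line):
            crash["frames"].append((m.group(1), m.group(2).strip()))
    if crash["kind"] is None:
        raise ValueError("no AddressSanitizer ERROR line found")
    return crash

def first_source_frame(crash):
    """Index of the first frame symbolized to file:line, or None. Unsymbolized
    frames above it (here libc and the libasan interceptor) are library internals."""
    for i, (_, loc) in enumerate(crash["frames"]):
        if SRC_LOC_RE.match(loc):
            return i
    return None

def signature(crash):
    """Deduplication key: fault kind, access type and the key frame."""
    i = first_source_frame(crash)
    if i is None:
        return f"{crash['kind']} {crash['access'] or '?'} @ unknown"
    func, loc = crash["frames"][i]
    return f"{crash['kind']} {crash['access'] or '?'} @ {func} {loc}"
```

For the report above this yields the key "SEGV READ @ pcre2_match_8 src/pcre2_match.c:6754" with two library frames above it; crashes sharing that key are one finding to minimize, not several.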