Submit #502317: https://github.com/rizinorg/rizin rizin/rz-bin 309f57434dfa17954f02cdcbb3a2ac4108651767 Buffer Over-read

Title: https://github.com/rizinorg/rizin rizin/rz-bin 309f57434dfa17954f02cdcbb3a2ac4108651767 Buffer Over-read
Description:

**Description**

A segv can occur in rz-bin when using the -P option with a specially crafted input file. This issue leads to illegal memory access.

**Affected Version**

rizin/rz-bin 309f57434dfa17954f02cdcbb3a2ac4108651767

**Steps to Reproduce**

```
./rizin/bins/bin/rz-bin -P /tmp/poc
ERROR: PDB Signature Error!
AddressSanitizer:DEADLYSIGNAL
==1551409==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7f80b40918f9 bp 0x7ffd75d2c8f0 sp 0x7ffd75d2c8d0 T0)
==1551409==The signal is caused by a READ memory access.
==1551409==Hint: address points to the zero page.
    #0 0x7f80b40918f8 in msf_stream_directory_free ../librz/bin/pdb/pdb.c:113
    #1 0x7f80b4093db5 in rz_bin_pdb_free ../librz/bin/pdb/pdb.c:383
    #2 0x7f80b4093cf9 in rz_bin_pdb_parse_from_buf ../librz/bin/pdb/pdb.c:367
    #3 0x7f80b409362a in rz_bin_pdb_parse_from_file ../librz/bin/pdb/pdb.c:317
    #4 0x7f80b35e19a9 in rz_core_pdb_load_info ../librz/core/cpdb.c:321
    #5 0x7f80b353eacb in rz_core_bin_print ../librz/core/cbin.c:465
    #6 0x7f80b85a149f in rz_main_rz_bin ../librz/main/rz-bin.c:1333
    #7 0x55efca7da1b4 in main ../binrz/rz-bin/rz-bin.c:8
    #8 0x7f80b839b082 in __libc_start_main ../csu/libc-start.c:308
    #9 0x55efca7da0cd in _start (/data/swj/optfuzz/benchmark/rizin/bins/bin/rz-bin+0x10cd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../librz/bin/pdb/pdb.c:113 in msf_stream_directory_free
==1551409==ABORTING
```

**Env**

```
Distributor ID: Ubuntu
Description: Ubuntu 20.04.6 LTS
Release: 20.04
Codename: focal
```
Source: https://github.com/rizinorg/rizin/issues/4893
User: wenjusun (UID 80422)
Submission: 02/17/2025 01:28 AM (1 Year ago)
Moderation: 02/28/2025 06:00 PM (12 days later)
Status: Accepted
VulDB entry: 298007 [rizinorg rizin up to 0.7.4 /librz/bin/pdb/pdb.c msf_stream_directory_free -P buffer overflow]
Points: 20
