View Issue Details

IDProjectCategoryView StatusLast Update
0017267CentOS-7net-toolspublic2020-04-19 15:38
Reporteranselmo 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0017267: [abrt] net-tools: strrchr(): route killed by SIGSEGV
DescriptionDescription of problem:
I wrote bad c++ code to execute route command.

boost::process::ipstream is;
boost::process::child child(boost::process::search_path("route"), boost::process::std_out > is);

When running this code, it was crashed.

Version-Release number of selected component:
net-tools-2.0-0.25.20131004git.el7

Truncated backtrace:
Thread no. 1 (2 frames)
 #0 strrchr at ../sysdeps/x86_64/multiarch/strrchr.S:138
 #1 aftrans_def at af.c:206
Additional Informationreporter: libreport-2.1.11.1
backtrace_rating: 4
cmdline:
crash_function: strrchr
executable: /usr/sbin/route
global_pid: 19949
kernel: 3.10.0-1062.18.1.el7.x86_64
pkg_fingerprint: 24C6 A8A7 F4A8 0EB5
pkg_vendor: CentOS
reproducible: Not sure how to reproduce the problem
runlevel: N 5
type: CCpp
uid: 1000
TagsNo tags attached.
abrt_hash6036bc9be557df9fa978efbffe5e4fbee1575e1d
URLhttps://retrace.fedoraproject.org/faf/reports/bthash/7962fb909b937ebc9a55c1691017043663d8cb31

Activities

anselmo

anselmo

2020-04-19 15:38

reporter  

backtrace (9,600 bytes)
[New LWP 19949]
Core was generated by `'.
Program terminated with signal 11, Segmentation fault.
#0  __strrchr_sse42 () at ../sysdeps/x86_64/multiarch/strrchr.S:138
138		pcmpistri	$0x4a, (%r8), %xmm1

Thread 1 (LWP 19949):
#0  __strrchr_sse42 () at ../sysdeps/x86_64/multiarch/strrchr.S:138
No locals.
#1  0x00005642f8a16661 in aftrans_def (tool=tool@entry=0x5642f8a1f1f0 "route", argv0=argv0@entry=0x0, dflt=dflt@entry=0x5642f8a1df15 "inet") at af.c:206
        tmp = <optimized out>
        buf = <optimized out>
#2  0x00005642f8a15eae in main (argc=<optimized out>, argv=0x7ffda6f775b0) at route.c:208
        i = <optimized out>
        lop = 0
        what = 0
        longopts = {{name = 0x5642f8a1e379 "ax25", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1f1de "x25", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1dfc3 "ip", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1eedd "ipx", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1e38e "appletalk", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1dfab "netrom", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1df15 "inet", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1e440 "inet6", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1dfb2 "ddp", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1f127 "rose", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1f167 "unix", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1dfb6 "bluetooth", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1dfc0 "tcpip", has_arg = 0, flag = 0x0, val = 1}, {name = 0x5642f8a1dfc6 "extend", has_arg = 0, flag = 0x0, val = 101}, {name = 0x5642f8a1dfcd "verbose", has_arg = 0, flag = 0x0, val = 118}, {name = 0x5642f8a1dfd5 "version", has_arg = 0, flag = 0x0, val = 86}, {name = 0x5642f8a1dfdd "numeric", has_arg = 0, flag = 0x0, val = 110}, {name = 0x5642f8a1dfe5 "symbolic", has_arg = 0, flag = 0x0, val = 78}, {name = 0x5642f8a1dfee "protocol", has_arg = 1, flag = 0x0, val = 65}, {name = 0x5642f8a1e96c "cache", has_arg = 0, flag = 0x0, val = 67}, {name = 0x5642f8a1dff7 "fib", has_arg = 0, flag = 0x0, val = 70}, {name = 0x5642f8a1dffb "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
        tmp = <optimized out>
        progname = 0x0
        options = <optimized out>
From                To                  Syms Read   Shared Object Library
0x00007fefb2b149a0  0x00007fefb2c648ef  Yes         /lib64/libc.so.6
0x00007fefb2ec3ad0  0x00007fefb2edf010  Yes         /lib64/ld-linux-x86-64.so.2
$1 = 0x0
No symbol "__glib_assert_msg" in current context.
rax            0x0	0
rbx            0x0	0
rcx            0x7fefb2b90aa0	140667472382624
rdx            0x0	0
rsi            0x0	0
rdi            0x0	0
rbp            0x7ffda6f775b0	0x7ffda6f775b0
rsp            0x7ffda6f77158	0x7ffda6f77158
r8             0x0	0
r9             0x0	0
r10            0x5642f8a1df36	94845639188278
r11            0x7fefb2c78bd0	140667473333200
r12            0x5642f8a1f1f0	94845639193072
r13            0x0	0
r14            0x7ffda6f7719c	140727404687772
r15            0x0	0
rip            0x7fefb2c35b50	0x7fefb2c35b50 <__strrchr_sse42+128>
eflags         0x10246	[ PF ZF IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
st0            *value not available*
st1            *value not available*
st2            *value not available*
st3            *value not available*
st4            *value not available*
st5            *value not available*
st6            *value not available*
st7            *value not available*
fctrl          *value not available*
fstat          *value not available*
ftag           *value not available*
fiseg          *value not available*
fioff          *value not available*
foseg          *value not available*
fooff          *value not available*
fop            *value not available*
xmm0           *value not available*
xmm1           *value not available*
xmm2           *value not available*
xmm3           *value not available*
xmm4           *value not available*
xmm5           *value not available*
xmm6           *value not available*
xmm7           *value not available*
xmm8           *value not available*
xmm9           *value not available*
xmm10          *value not available*
xmm11          *value not available*
xmm12          *value not available*
xmm13          *value not available*
xmm14          *value not available*
xmm15          *value not available*
mxcsr          *value not available*
Dump of assembler code for function __strrchr_sse42:
   0x00007fefb2c35ad0 <+0>:	test   %sil,%sil
   0x00007fefb2c35ad3 <+3>:	je     0x7fefb2c3a6f0 <__strend_sse4>
   0x00007fefb2c35ad9 <+9>:	xor    %eax,%eax
   0x00007fefb2c35adb <+11>:	movd   %esi,%xmm1
   0x00007fefb2c35adf <+15>:	punpcklbw %xmm1,%xmm1
   0x00007fefb2c35ae3 <+19>:	mov    %edi,%esi
   0x00007fefb2c35ae5 <+21>:	punpcklbw %xmm1,%xmm1
   0x00007fefb2c35ae9 <+25>:	and    $0xf,%esi
   0x00007fefb2c35aec <+28>:	pshufd $0x0,%xmm1,%xmm1
   0x00007fefb2c35af1 <+33>:	mov    %rdi,%r8
   0x00007fefb2c35af4 <+36>:	je     0x7fefb2c35b50 <__strrchr_sse42+128>
   0x00007fefb2c35af6 <+38>:	lea    0x4c5d3(%rip),%rdx        # 0x7fefb2c820d0
   0x00007fefb2c35afd <+45>:	and    $0xfffffffffffffff0,%r8
   0x00007fefb2c35b01 <+49>:	movslq (%rdx,%rsi,4),%r9
   0x00007fefb2c35b05 <+53>:	movdqa (%r8),%xmm0
   0x00007fefb2c35b0a <+58>:	add    %rdx,%r9
   0x00007fefb2c35b0d <+61>:	jmpq   *%r9
   0x00007fefb2c35b10 <+64>:	psrldq $0x1,%xmm0
   0x00007fefb2c35b15 <+69>:	nop
   0x00007fefb2c35b16 <+70>:	nopw   %cs:0x0(%rax,%rax,1)
   0x00007fefb2c35b20 <+80>:	pcmpistri $0x4a,%xmm1,%xmm0
   0x00007fefb2c35b26 <+86>:	jae    0x7fefb2c35b2c <__strrchr_sse42+92>
   0x00007fefb2c35b28 <+88>:	lea    (%rdi,%rcx,1),%rax
   0x00007fefb2c35b2c <+92>:	pcmpistri $0x3a,%xmm0,%xmm0
   0x00007fefb2c35b32 <+98>:	mov    $0x10,%edx
   0x00007fefb2c35b37 <+103>:	sub    %esi,%edx
   0x00007fefb2c35b39 <+105>:	cmp    %ecx,%edx
   0x00007fefb2c35b3b <+107>:	jg     0x7fefb2c35b80 <__strrchr_sse42+176>
   0x00007fefb2c35b3d <+109>:	add    $0x10,%r8
   0x00007fefb2c35b41 <+113>:	nopl   0x0(%rax,%rax,1)
   0x00007fefb2c35b46 <+118>:	nopw   %cs:0x0(%rax,%rax,1)
=> 0x00007fefb2c35b50 <+128>:	pcmpistri $0x4a,(%r8),%xmm1
   0x00007fefb2c35b57 <+135>:	jbe    0x7fefb2c35b60 <__strrchr_sse42+144>
   0x00007fefb2c35b59 <+137>:	add    $0x10,%r8
   0x00007fefb2c35b5d <+141>:	jmp    0x7fefb2c35b50 <__strrchr_sse42+128>
   0x00007fefb2c35b5f <+143>:	nop
   0x00007fefb2c35b60 <+144>:	je     0x7fefb2c35b70 <__strrchr_sse42+160>
   0x00007fefb2c35b62 <+146>:	lea    (%r8,%rcx,1),%rax
   0x00007fefb2c35b66 <+150>:	add    $0x10,%r8
   0x00007fefb2c35b6a <+154>:	jmp    0x7fefb2c35b50 <__strrchr_sse42+128>
   0x00007fefb2c35b6c <+156>:	nopl   0x0(%rax)
   0x00007fefb2c35b70 <+160>:	jae    0x7fefb2c35b80 <__strrchr_sse42+176>
   0x00007fefb2c35b72 <+162>:	lea    (%r8,%rcx,1),%rax
   0x00007fefb2c35b76 <+166>:	nopw   %cs:0x0(%rax,%rax,1)
   0x00007fefb2c35b80 <+176>:	retq   
   0x00007fefb2c35b81 <+177>:	nopl   0x0(%rax,%rax,1)
   0x00007fefb2c35b86 <+182>:	nopw   %cs:0x0(%rax,%rax,1)
   0x00007fefb2c35b90 <+192>:	psrldq $0xf,%xmm0
   0x00007fefb2c35b95 <+197>:	jmp    0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35b97 <+199>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35ba0 <+208>:	psrldq $0xe,%xmm0
   0x00007fefb2c35ba5 <+213>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35baa <+218>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35bb0 <+224>:	psrldq $0xd,%xmm0
   0x00007fefb2c35bb5 <+229>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35bba <+234>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35bc0 <+240>:	psrldq $0xc,%xmm0
   0x00007fefb2c35bc5 <+245>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35bca <+250>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35bd0 <+256>:	psrldq $0xb,%xmm0
   0x00007fefb2c35bd5 <+261>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35bda <+266>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35be0 <+272>:	psrldq $0xa,%xmm0
   0x00007fefb2c35be5 <+277>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35bea <+282>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35bf0 <+288>:	psrldq $0x9,%xmm0
   0x00007fefb2c35bf5 <+293>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35bfa <+298>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c00 <+304>:	psrldq $0x8,%xmm0
   0x00007fefb2c35c05 <+309>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35c0a <+314>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c10 <+320>:	psrldq $0x7,%xmm0
   0x00007fefb2c35c15 <+325>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35c1a <+330>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c20 <+336>:	psrldq $0x6,%xmm0
   0x00007fefb2c35c25 <+341>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35c2a <+346>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c30 <+352>:	psrldq $0x5,%xmm0
   0x00007fefb2c35c35 <+357>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35c3a <+362>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c40 <+368>:	psrldq $0x4,%xmm0
   0x00007fefb2c35c45 <+373>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35c4a <+378>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c50 <+384>:	psrldq $0x3,%xmm0
   0x00007fefb2c35c55 <+389>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
   0x00007fefb2c35c5a <+394>:	nopw   0x0(%rax,%rax,1)
   0x00007fefb2c35c60 <+400>:	psrldq $0x2,%xmm0
   0x00007fefb2c35c65 <+405>:	jmpq   0x7fefb2c35b20 <__strrchr_sse42+80>
End of assembler dump.
backtrace (9,600 bytes)
cgroup (200 bytes)
11:cpuset:/
10:freezer:/
9:memory:/
8:hugetlb:/
7:perf_event:/
6:pids:/
5:blkio:/
4:devices:/user.slice
3:net_prio,net_cls:/
2:cpuacct,cpu:/
1:name=systemd:/user.slice/user-1000.slice/session-1.scope
cgroup (200 bytes)
core_backtrace (1,001 bytes)
{   "signal": 11
,   "executable": "/usr/sbin/route"
,   "stacktrace":
      [ {   "crash_thread": true
        ,   "frames":
              [ {   "address": 140667473058640
                ,   "build_id": "398944d32cf16a67af51067a326e6c0cc14f90ed"
                ,   "build_id_offset": 1313616
                ,   "function_name": "__strrchr_sse42"
                ,   "file_name": "/lib64/libc.so.6"
                }
              , {   "address": 94845639157345
                ,   "build_id": "d4247d79c155f032371e34f6c839e9a8f57cc22b"
                ,   "build_id_offset": 13921
                ,   "function_name": "aftrans_def"
                ,   "file_name": "/usr/sbin/route"
                }
              , {   "address": 94845639155374
                ,   "build_id": "d4247d79c155f032371e34f6c839e9a8f57cc22b"
                ,   "build_id_offset": 11950
                ,   "function_name": "main"
                ,   "file_name": "/usr/sbin/route"
                } ]
        } ]
}
core_backtrace (1,001 bytes)
anselmo

anselmo

2020-04-19 15:38

reporter  

dso_list (300 bytes)
/usr/lib64/ld-2.17.so glibc-2.17-292.el7.x86_64 (CentOS) 1568960330
/usr/lib64/libc-2.17.so glibc-2.17-292.el7.x86_64 (CentOS) 1568960330
/usr/sbin/route net-tools-2.0-0.25.20131004git.el7.x86_64 (CentOS) 1568961410
/usr/lib/locale/locale-archive glibc-common-2.17-292.el7.x86_64 (CentOS) 1568960327
dso_list (300 bytes)
environ (4,398 bytes)
XDG_VTNR=1
NVM_INC=/home/anselmo/.nvm/versions/node/v10.19.0/include/node
XDG_SESSION_ID=1
KDE_MULTIHEAD=false
SSH_AGENT_PID=4167
HOSTNAME=anselmo-centos7
IMSETTINGS_INTEGRATE_DESKTOP=yes
NVM_CD_FLAGS=
XDG_MENU_PREFIX=kde4-
SHELL=/bin/bash
TERM=xterm-256color
HISTSIZE=1000
KONSOLE_DBUS_SERVICE=:1.100
GTK2_RC_FILES=/etc/gtk-2.0/gtkrc:/home/anselmo/.gtkrc-2.0:/home/anselmo/.gtkrc-2.0-kde4:/home/anselmo/.kde/share/config/gtkrc-2.0
KONSOLE_PROFILE_NAME=Dracula
GS_LIB=
GTK_RC_FILES=/etc/gtk/gtkrc:/home/anselmo/.gtkrc:/home/anselmo/.kde/share/config/gtkrc
WINDOWID=121634842
QTDIR=/usr/lib64/qt-3.3
SHELL_SESSION_ID=56c4b38016f8400093dc3c6abb08f235
QTINC=/usr/lib64/qt-3.3/include
KDE_FULL_SESSION=true
QT_GRAPHICSSYSTEM_CHECKED=1
IMSETTINGS_MODULE=Nimf
NVM_DIR=/home/anselmo/.nvm
USER=anselmo
LD_LIBRARY_PATH=/home/anselmo/work/sirius/dist/bin:/home/anselmo/work/sirius/dist/bin/apps/attendants/web
XCURSOR_SIZE=0
LS_COLORS=rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:
SSH_AUTH_SOCK=/tmp/ssh-U0oFAhzs5NLc/agent.4072
SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/4528,unix/unix:/tmp/.ICE-unix/4528
USERNAME=anselmo
MAIL=/var/spool/mail/anselmo
PATH=/home/anselmo/.local/bin:/home/anselmo/bin:/home/anselmo/.nvm/versions/node/v10.19.0/bin:/usr/lib64/qt-3.3/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/home/anselmo/.yarn/bin:/home/anselmo/code/depot_tools:/home/anselmo/.yarn/bin
DESKTOP_SESSION=1-kde-plasma-standard
QT_IM_MODULE=nimf
PWD=/home/anselmo/work/sirius/dist/bin/apps/carbitrator
XDG_SESSION_TYPE=x11
XMODIFIERS=@im=nimf
KDE_SESSION_UID=1000
LANG=ko_KR.UTF-8
GDM_LANG=ko_KR.UTF-8
KDEDIRS=/usr
SIRIUS_HOME=/home/anselmo/work/sirius/dist
KONSOLE_DBUS_SESSION=/Sessions/7
GDMSESSION=1-kde-plasma-standard
SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass
HISTCONTROL=ignoredups
HOME=/home/anselmo
XDG_SEAT=seat0
SHLVL=4
COLORFGBG=15;0
LANGUAGE=
KDE_SESSION_VERSION=4
SDL_VIDEO_MINIMIZE_ON_FOCUS_LOSS=0
XCURSOR_THEME=El_Capitan_CursorsMODNew
LOGNAME=anselmo
XDG_SESSION_DESKTOP=1-kde-plasma-standard
QTLIB=/usr/lib64/qt-3.3/lib
XDG_DATA_DIRS=/home/anselmo/.local/share/flatpak/exports/share/:/var/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-bsqNGGbxLe,guid=a79a8751e6d80efa72f1ecf55e90125a
'LESSOPEN=||/usr/bin/lesspipe.sh %s'
NVM_BIN=/home/anselmo/.nvm/versions/node/v10.19.0/biME=
QT_PLUGIN_PATH=/usr/lib64/kde4/plugins:/usr/lib/kde4/plugins:/home/anselmo/.kde/lib64/kde4/plugins/:/usr/lib64/kde4/plugins/
STEAM_FRAME_FORCE_CLOSE=1
GTK_IM_MODULE=nimf
XDG_CURRENT_DESKTOP=KDE
CHROME_DEVEL_SANDBOX=/usr/local/sbin/chrome-devel-sandbox
XAUTHORITY=/tmp/kde-anselmo/xauth-1000-_0
OLDPWD=/home/anselmo/work/sirius/dist/script
_=./sirius_carbitrator
environ (4,398 bytes)
anselmo

anselmo

2020-04-19 15:38

reporter  

limits (1,323 bytes)
Limit                     Soft Limit           Hard Limit           Units     
Max cpu time              unlimited            unlimited            seconds   
Max file size             unlimited            unlimited            bytes     
Max data size             unlimited            unlimited            bytes     
Max stack size            8388608              unlimited            bytes     
Max core file size        0                    unlimited            bytes     
Max resident set          unlimited            unlimited            bytes     
Max processes             4096                 513739               processes 
Max open files            1024                 524288               files     
Max locked memory         65536                65536                bytes     
Max address space         unlimited            unlimited            bytes     
Max file locks            unlimited            unlimited            locks     
Max pending signals       513739               513739               signals   
Max msgqueue size         819200               819200               bytes     
Max nice priority         0                    0                    
Max realtime priority     0                    0                    
Max realtime timeout      unlimited            unlimited            us        
limits (1,323 bytes)
machineid (135 bytes)
systemd=ac79a75a27a845dcb15e152ba3afddb4
sosreport_uploader-dmidecode=e3913bb7b5f1da7629075365d89558aab0a2b1cde7ec174929b3074c1e2e398c
machineid (135 bytes)
anselmo

anselmo

2020-04-19 15:38

reporter  

maps (1,614 bytes)
5642f8a13000-5642f8a21000 r-xp 00000000 fd:00 36427487                   /usr/sbin/route
5642f8c21000-5642f8c22000 r--p 0000e000 fd:00 36427487                   /usr/sbin/route
5642f8c22000-5642f8c23000 rw-p 0000f000 fd:00 36427487                   /usr/sbin/route
5642f8c23000-5642f8c24000 rw-p 00000000 00:00 0 
5642fa5a7000-5642fa5c8000 rw-p 00000000 00:00 0                          [heap]
7fefac5cb000-7fefb2af5000 r--p 00000000 fd:00 33618241                   /usr/lib/locale/locale-archive
7fefb2af5000-7fefb2cb8000 r-xp 00000000 fd:00 33618045                   /usr/lib64/libc-2.17.so
7fefb2cb8000-7fefb2eb8000 ---p 001c3000 fd:00 33618045                   /usr/lib64/libc-2.17.so
7fefb2eb8000-7fefb2ebc000 r--p 001c3000 fd:00 33618045                   /usr/lib64/libc-2.17.so
7fefb2ebc000-7fefb2ebe000 rw-p 001c7000 fd:00 33618045                   /usr/lib64/libc-2.17.so
7fefb2ebe000-7fefb2ec3000 rw-p 00000000 00:00 0 
7fefb2ec3000-7fefb2ee5000 r-xp 00000000 fd:00 33618244                   /usr/lib64/ld-2.17.so
7fefb30ad000-7fefb30b0000 rw-p 00000000 00:00 0 
7fefb30e3000-7fefb30e4000 rw-p 00000000 00:00 0 
7fefb30e4000-7fefb30e5000 r--p 00021000 fd:00 33618244                   /usr/lib64/ld-2.17.so
7fefb30e5000-7fefb30e6000 rw-p 00022000 fd:00 33618244                   /usr/lib64/ld-2.17.so
7fefb30e6000-7fefb30e7000 rw-p 00000000 00:00 0 
7ffda6f57000-7ffda6f79000 rw-p 00000000 00:00 0                          [stack]
7ffda6fa8000-7ffda6faa000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
maps (1,614 bytes)
open_fds (134 bytes)
0:/dev/null
pos:	0
flags:	0100000
mnt_id:	20
1:pipe:[9368009]
pos:	0
flags:	01
mnt_id:	9
2:/dev/null
pos:	0
flags:	0100001
mnt_id:	20
open_fds (134 bytes)
anselmo

anselmo

2020-04-19 15:38

reporter  

proc_pid_status (1,255 bytes)
Name:	route
Umask:	0002
State:	S (sleeping)
Tgid:	19949
Ngid:	0
Pid:	19949
PPid:	19947
TracerPid:	0
Uid:	1000	1000	1000	1000
Gid:	1000	1000	1000	1000
FDSize:	64
Groups:	10 982 997 1000 1001 
VmPeak:	  107996 kB
VmSize:	  107996 kB
VmLck:	       0 kB
VmPin:	       0 kB
VmHWM:	     380 kB
VmRSS:	     380 kB
RssAnon:	      76 kB
RssFile:	     304 kB
RssShmem:	       0 kB
VmData:	     184 kB
VmStk:	     136 kB
VmExe:	      56 kB
VmLib:	    1940 kB
VmPTE:	      40 kB
VmSwap:	       0 kB
Threads:	1
SigQ:	1/513739
SigPnd:	0000000000000000
ShdPnd:	0000000000000000
SigBlk:	0000000000000000
SigIgn:	0000000000000006
SigCgt:	0000000000000000
CapInh:	0000000000000000
CapPrm:	0000000000000000
CapEff:	0000000000000000
CapBnd:	0000001fffffffff
CapAmb:	0000000000000000
NoNewPrivs:	0
Seccomp:	0
Speculation_Store_Bypass:	thread vulnerable
Cpus_allowed:	ffff
Cpus_allowed_list:	0-15
Mems_allowed:	00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000001
Mems_allowed_list:	0
voluntary_ctxt_switches:	2
nonvoluntary_ctxt_switches:	1
proc_pid_status (1,255 bytes)
var_log_messages (1,158 bytes)
[System Logs]:
 4월 10 18:30:46 anselmo-centos7 kernel: Modules linked in: fuse ipt_MASQUERADE nf_nat_masquerade_ipv4 xt_addrtype br_netfilter ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 ipt_REJECT nf_reject_ipv4 xt_conntrack ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat iptable_mangle iptable_security iptable_raw nf_conntrack ip_set nfnetlink vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter overlay(T) vfat fat snd_hda_codec_hdmi iTCO_wdt iTCO_vendor_support eeepc_wmi asus_wmi sparse_keymap rfkill video intel_wmi_thunderbolt sb_edac intel_powerclamp coretemp intel_rapl iosf_mbi kvm_intel snd_hda_codec_realtek kvm snd_hda_codec_generic
 4월 20 00:24:12 anselmo-centos7 kernel: route[19949]: segfault at 0 ip 00007fefb2c35b50 sp 00007ffda6f77158 error 4 in libc-2.17.so[7fefb2af5000+1c3000]
 4월 20 00:24:12 anselmo-centos7 abrt-hook-ccpp[19950]: Process 19949 (route) of user 1000 killed by SIGSEGV - dumping core
[User Logs]:
var_log_messages (1,158 bytes)
anselmo

anselmo

2020-04-19 15:38

reporter  

exploitable (76 bytes)
가능한 충돌 원인: 잘못된 주소로 이동 
악용 수준 (0-9): 6
exploitable (76 bytes)

Issue History

Date Modified Username Field Change
2020-04-19 15:38 anselmo New Issue
2020-04-19 15:38 anselmo File Added: backtrace
2020-04-19 15:38 anselmo File Added: cgroup
2020-04-19 15:38 anselmo File Added: core_backtrace
2020-04-19 15:38 anselmo File Added: dso_list
2020-04-19 15:38 anselmo File Added: environ
2020-04-19 15:38 anselmo File Added: limits
2020-04-19 15:38 anselmo File Added: machineid
2020-04-19 15:38 anselmo File Added: maps
2020-04-19 15:38 anselmo File Added: open_fds
2020-04-19 15:38 anselmo File Added: proc_pid_status
2020-04-19 15:38 anselmo File Added: var_log_messages
2020-04-19 15:38 anselmo File Added: exploitable