Changes between Initial Version and Version 1 of Ticket #2431
- Timestamp:
- 12/26/22 12:37:52 (2 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #2431 – Description
initial v1 2 2 READ of size 6 at 0x61e00004a4a0 thread T0 3 3 4 #0 0x4e9d7e in __interceptor_memcpy.part.41 ( /home/admin/tengine/bin/t-coresystem-tengine-cdn-debug+0x4e9d7e)4 #0 0x4e9d7e in __interceptor_memcpy.part.41 (nginx +0x4e9d7e) 5 5 #1 0x82b1af in ngx_http_v3_insert src/http/v3/ngx_http_v3_table.c:231 6 6 #2 0x82cd6f in ngx_http_v3_duplicate src/http/v3/ngx_http_v3_table.c:421 … … 17 17 #13 0x5864fc in main src/core/nginx.c:448 18 18 #14 0x7fe4638fd444 in __libc_start_main (/lib64/libc.so.6+0x22444) 19 #15 0x4ac228 ( /home/admin/tengine/bin/t-coresystem-tengine-cdn-debug+0x4ac228)19 #15 0x4ac228 (nginx +0x4ac228) 20 20 21 21 freed by thread T0 here: 22 #0 0x54e7e0 in free ( /home/admin/tengine/bin/t-coresystem-tengine-cdn-debug+0x54e7e0)22 #0 0x54e7e0 in free (nginx+0x54e7e0) 23 23 #1 0x82aded in ngx_http_v3_evict src/http/v3/ngx_http_v3_table.c:381 24 24 #2 0x82afec in ngx_http_v3_insert src/http/v3/ngx_http_v3_table.c:210 … … 38 38 39 39 previously allocated by thread T0 here: 40 #0 0x54eaf8 in malloc ( /home/admin/tengine/bin/t-coresystem-tengine-cdn-debug+0x54eaf8)40 #0 0x54eaf8 in malloc (nginx+0x54eaf8) 41 41 #1 0x5fc3a3 in ngx_alloc src/os/unix/ngx_alloc.c:22 42 42 #2 0x82b12d in ngx_http_v3_insert src/http/v3/ngx_http_v3_table.c:221 … … 56 56 #16 0x7fe4638fd444 in __libc_start_main (/lib64/libc.so.6+0x22444) 57 57 58 SUMMARY: AddressSanitizer: heap-use-after-free ( /home/admin/tengine/bin/t-coresystem-tengine-cdn-debug+0x4e9d7e) in __interceptor_memcpy.part.4158 SUMMARY: AddressSanitizer: heap-use-after-free (nginx+0x4e9d7e) in __interceptor_memcpy.part.41 59 59 Shadow bytes around the buggy address: 60 60 0x0c3c80001440: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
