Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A bug that can lead freemodbus server to crash #43

Open
CAPCOMIN opened this issue Mar 27, 2024 · 0 comments
Open

A bug that can lead freemodbus server to crash #43

CAPCOMIN opened this issue Mar 27, 2024 · 0 comments

Comments

@CAPCOMIN
Copy link

Hi,
I found this bug which leads demo/LINUXTCP to crash while conducting fuzzing experiment.

The log information of message which lead server to crash:
modbusbug2.txt

The ASAN information:

=================================================================
==9863==ERROR: AddressSanitizer: SEGV on unknown address 0x000009026928 (pc 0x0000004c4c97 bp 0x7f2c32efede0 sp 0x7f2c32efed20 T1)
==9863==The signal is caused by a READ memory access.
    #0 0x4c4c97 in xMBPortTCPPool /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/port/porttcp.c:205:13
    #1 0x4c4667 in xMBPortEventGet /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/port/portevent.c:69:17
    #2 0x4c6084 in eMBPoll /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/../../modbus/mb.c:351:9
    #3 0x4c416f in pvPollingThread /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/demo.c:215:17
    #4 0x7f2c36853608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8608)
    #5 0x7f2c365fe352 in clone (/lib/x86_64-linux-gnu/libc.so.6+0x11f352)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/port/porttcp.c:205:13 in xMBPortTCPPool
Thread T1 created by T0 here:
    #0 0x47e85a in pthread_create (/home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/tcpmodbus+0x47e85a)
    #1 0x4c39db in bCreatePollingThread /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/demo.c:189:13
    #2 0x4c3502 in main /home/linuxbrew/pin-3.28-98749-g6643ecee5-gcc-linux/source/tools/BinPRE/src/freemodbus/demo/LINUXTCP/demo.c:126:21
    #3 0x7f2c36503082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)

==9863==ABORTING
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CAPCOMIN