Interpreting ASAN output : Unknown Crash

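I am trying to understand the ASAN output: it says unknown crash but does not resolve any of the function calls in the source code. The bug I am looking for is the Heartbleed bug in openssl, so it should say Heap Overflow.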

==76779== ERROR: AddressSanitizer: unknown-crash on address 0x60820001220b at pc 0x7fe2c19f93f7 bp 0x7fffc2e50a20 sp 0x7fffc2e501e0
READ of size 32768 at 0x60820001220b thread T0
#0 0x7fe2c19f93f6 (/usr/lib/x86_64-linux-gnu/libasan.so.0.0.0+0xe3f6)
#1 0x4160dd (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x4160dd)
#2 0x49b194 (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x49b194)
#3 0x49ebd3 (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x49ebd3)
#4 0x46633d (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x46633d)
#5 0x475473 (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x475473)
#6 0x407fbf (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x407fbf)
#7 0x7fe2c1269ec4 (/lib/x86_64-linux-gnu/libc-2.19.so+0x21ec4)
#8 0x407b68 (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x407b68)
0x608200016348 is located 0 bytes to the right of 16712-byte region [0x608200012200,0x608200016348)
allocated by thread T0 here:
#0 0x7fe2c1a0041a (/usr/lib/x86_64-linux-gnu/libasan.so.0.0.0+0x1541a)
#1 0x7fe2c166ddf2 (/lib/x86_64-linux-gnu/libcrypto.so.1.0.0+0x5fdf2)
Shadow bytes around the buggy address:
  0x0c10bfffa3f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa410: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa420: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c10bfffa430: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  =>0x0c10bfffa440: 00[00]00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa450: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa460: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa470: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c10bfffa490: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
 ==76779== ABORTING

I used the command below to compile my program.

gcc -o sefltlsasan -lasan -O -g -fsanitize=address -fno-omit-frame-pointer selftls.c -lcrypto libssl.a && ASAN_OPTIONS=symbolize=1

I was able to solve the problem with this link.

apt-get install llvm
export ASAN_SYMBOLIZER_PATH=/usr/bin/llvm-symbolizer-3.4
ASAN_OPTIONS=symbolize=1 ./selftls 1 crash-packet 

Thanks.
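An added example, not part of the original post: Python that reads a report like the one above, works out from its own numbers how far the READ runs past the 16712-byte heap region, and builds addr2line commands for the unsymbolized module+offset frames. The function names are hypothetical, the embedded report is trimmed from the output above, and resolving these offsets with addr2line instead of llvm-symbolizer is an assumption of this example.

```python
import re

# Constructed sample: lines copied from the report above, trimmed to what is parsed.
REPORT = """\
==76779== ERROR: AddressSanitizer: unknown-crash on address 0x60820001220b at pc 0x7fe2c19f93f7 bp 0x7fffc2e50a20 sp 0x7fffc2e501e0
READ of size 32768 at 0x60820001220b thread T0
#0 0x7fe2c19f93f6 (/usr/lib/x86_64-linux-gnu/libasan.so.0.0.0+0xe3f6)
#1 0x4160dd (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x4160dd)
#2 0x49b194 (/home/aneela/Documents/Fuzzing_with_afl_fuzz/selftls-master/sefltlsasan+0x49b194)
0x608200016348 is located 0 bytes to the right of 16712-byte region [0x608200012200,0x608200016348)
"""

FRAME = re.compile(r"#(\d+) 0x[0-9a-f]+ \((.+)\+(0x[0-9a-f]+)\)")
ACCESS = re.compile(r"(READ|WRITE) of size (\d+) at (0x[0-9a-f]+)")
REGION = re.compile(r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)")

def frames(report):
    """Return (frame_no, module, offset) for each unsymbolized frame."""
    return [(int(n), mod, off) for n, mod, off in FRAME.findall(report)]

def addr2line_cmds(report):
    """Build one addr2line command per module, skipping the ASan runtime."""
    by_mod = {}
    for _, mod, off in frames(report):
        if "libasan" not in mod:
            by_mod.setdefault(mod, []).append(off)
    return [f"addr2line -f -C -e {m} {' '.join(o)}" for m, o in by_mod.items()]

def overrun(report):
    """Place the reported access relative to the heap region ASan names."""
    kind, size, addr = ACCESS.search(report).groups()
    _, lo, hi = REGION.search(report).groups()
    start, lo, hi = int(addr, 16), int(lo, 16), int(hi, 16)
    end = start + int(size)  # one past the last byte accessed
    return {"kind": kind, "offset_in_region": start - lo,
            "starts_inside": lo <= start < hi,
            "bytes_past_end": max(0, end - hi)}

if __name__ == "__main__":
    print(overrun(REPORT))
    print("\n".join(addr2line_cmds(REPORT)))
```

For this report the read begins 11 bytes into the allocation and extends 16067 bytes beyond its end, which is a heap over-read even though the headline says unknown-crash.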