Steps to reproduce:

Compile with -fsanitize=address, then run:

    info -f reproduce_bug.info

Expected behavior:

info does not trigger AddressSanitizer errors.

Actual behavior:

AddressSanitizer reports a heap-buffer-overflow from scan_node_contents() in info/info-utils.c:1676

Comments:

This file was generated by afl-fuzz; I don't understand how it creates a heap buffer overflow.
Valgrind also reports invalid reads in various functions (see attached).

Sincerely,

Nathaniel Beaver

P.S. Version information:

$ git describe --tags
texinfo-6.6-700-g97eb358ee3
$ git rev-parse HEAD
97eb358ee34966dd1dbc80a78bd5bac77748e112
$ info/ginfo --version
info (GNU texinfo) 6.7dev

Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

=================================================================
==15700==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x608000000175 at pc 0x557f4a3c44d9 bp 0x7ffc941cc2b0 sp 0x7ffc941cc2a0
READ of size 1 at 0x608000000175 thread T0
#0 0x557f4a3c44d8 in scan_node_contents
/home/nathaniel/src/git/gnu.org/texinfo/info/info-utils.c:1676
#1 0x557f4a3dea14 in info_node_of_tag_ext
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:1284
#2 0x557f4a3dee08 in info_node_of_tag
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:1324
#3 0x557f4a3dd6ed in info_get_node_of_file_buffer
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:1069
#4 0x557f4a3dd25b in info_get_node_with_defaults
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:991
#5 0x557f4a3dd325 in info_get_node
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:1014
#6 0x557f4a3f2484 in dump_node_to_stream
/home/nathaniel/src/git/gnu.org/texinfo/info/session.c:3768
#7 0x557f4a3f22f7 in dump_nodes_to_file
/home/nathaniel/src/git/gnu.org/texinfo/info/session.c:3731
#8 0x557f4a3ca90a in main
/home/nathaniel/src/git/gnu.org/texinfo/info/info.c:1065
#9 0x7f7c81e2cbf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
#10 0x557f4a3aa7e9 in _start
(/home/nathaniel/src/git/gnu.org/texinfo/info/ginfo+0x237e9)
0x608000000175 is located 0 bytes to the right of 85-byte region
[0x608000000120,0x608000000175)
allocated by thread T0 here:
#0 0x7f7c82504b40 in __interceptor_malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
#1 0x557f4a40c5ec in xmalloc
/home/nathaniel/src/git/gnu.org/texinfo/gnulib/lib/xmalloc.c:53
#2 0x557f4a3b85c8 in filesys_read_info_file
/home/nathaniel/src/git/gnu.org/texinfo/info/filesys.c:342
#3 0x557f4a3db6f9 in info_load_file
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:702
#4 0x557f4a3db148 in info_find_file
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:636
#5 0x557f4a3dd23d in info_get_node_with_defaults
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:986
#6 0x557f4a3dd325 in info_get_node
/home/nathaniel/src/git/gnu.org/texinfo/info/nodes.c:1014
#7 0x557f4a3f2484 in dump_node_to_stream
/home/nathaniel/src/git/gnu.org/texinfo/info/session.c:3768
#8 0x557f4a3f22f7 in dump_nodes_to_file
/home/nathaniel/src/git/gnu.org/texinfo/info/session.c:3731
#9 0x557f4a3ca90a in main
/home/nathaniel/src/git/gnu.org/texinfo/info/info.c:1065
#10 0x7f7c81e2cbf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
SUMMARY: AddressSanitizer: heap-buffer-overflow
/home/nathaniel/src/git/gnu.org/texinfo/info/info-utils.c:1676 in
scan_node_contents
Shadow bytes around the buggy address:
0x0c107fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c107fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c107fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c107fff8000: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
0x0c107fff8010: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 06
=>0x0c107fff8020: fa fa fa fa 00 00 00 00 00 00 00 00 00 00[05]fa
0x0c107fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c107fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c107fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c107fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c107fff8070: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==15700==ABORTING
==20783== Memcheck, a memory error detector
==20783== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==20783== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==20783== Command: /home/nathaniel/local/texinfo/info/ginfo -f reproduce_bug.info
==20783== Parent PID: 20782
==20783==
==20783== Invalid read of size 1
==20783==    at 0x11A713: scan_node_contents (info-utils.c:1676)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127716: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119CE8: scan_reference_target (info-utils.c:1347)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127727: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119CE8: scan_reference_target (info-utils.c:1347)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127738: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119CE8: scan_reference_target (info-utils.c:1347)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127749: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119CE8: scan_reference_target (info-utils.c:1347)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x117D26: read_bracketed_filename (info-utils.c:62)
==20783==    by 0x119D0D: scan_reference_target (info-utils.c:1349)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127716: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119D27: scan_reference_target (info-utils.c:1351)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127727: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119D27: scan_reference_target (info-utils.c:1351)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127738: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119D27: scan_reference_target (info-utils.c:1351)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x127749: skip_whitespace_and_newlines (search.c:572)
==20783==    by 0x119D27: scan_reference_target (info-utils.c:1351)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x5118CE0: __strchr_sse2 (strchr.S:24)
==20783==    by 0x117F1F: read_quoted_string (info-utils.c:155)
==20783==    by 0x119D58: scan_reference_target (info-utils.c:1354)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x117F5B: read_quoted_string (info-utils.c:167)
==20783==    by 0x119D58: scan_reference_target (info-utils.c:1354)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x4C398EB: strcspn (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x117F78: read_quoted_string (info-utils.c:169)
==20783==    by 0x119D58: scan_reference_target (info-utils.c:1354)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x117F93: read_quoted_string (info-utils.c:171)
==20783==    by 0x119D58: scan_reference_target (info-utils.c:1354)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x5118CE0: __strchr_sse2 (strchr.S:24)
==20783==    by 0x119D80: scan_reference_target (info-utils.c:1359)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783== Invalid read of size 1
==20783==    at 0x4C399AB: strspn (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x119EF6: scan_reference_target (info-utils.c:1405)
==20783==    by 0x11A83C: scan_node_contents (info-utils.c:1701)
==20783==    by 0x12650F: info_node_of_tag_ext (nodes.c:1284)
==20783==    by 0x126697: info_node_of_tag (nodes.c:1324)
==20783==    by 0x125E6C: info_get_node_of_file_buffer (nodes.c:1069)
==20783==    by 0x125C15: info_get_node_with_defaults (nodes.c:991)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==  Address 0x5485b15 is 0 bytes after a block of size 85 alloc'd
==20783==    at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20783==    by 0x1397E1: xmalloc (xmalloc.c:53)
==20783==    by 0x11518C: filesys_read_info_file (filesys.c:342)
==20783==    by 0x125208: info_load_file (nodes.c:702)
==20783==    by 0x124FAE: info_find_file (nodes.c:636)
==20783==    by 0x125BF7: info_get_node_with_defaults (nodes.c:986)
==20783==    by 0x12B489: info_select_reference (session.c:2063)
==20783==    by 0x127E5E: begin_multiple_window_info_session (session.c:123)
==20783==    by 0x12806C: info_session (session.c:211)
==20783==    by 0x11D683: main (info.c:1079)
==20783==
==20783==
==20783== HEAP SUMMARY:
==20783==     in use at exit: 111,423 bytes in 339 blocks
==20783==   total heap usage: 622 allocs, 283 frees, 147,899 bytes allocated
==20783==
==20783== LEAK SUMMARY:
==20783==    definitely lost: 0 bytes in 0 blocks
==20783==    indirectly lost: 0 bytes in 0 blocks
==20783==      possibly lost: 0 bytes in 0 blocks
==20783==    still reachable: 111,423 bytes in 339 blocks
==20783==         suppressed: 0 bytes in 0 blocks
==20783== Rerun with --leak-check=full to see details of leaked memory
==20783==
==20783== For counts of detected and suppressed errors, rerun with: -v
==20783== ERROR SUMMARY: 16 errors from 16 contexts (suppressed: 0 from 0)

original.info
Description: application/gnuinfo
reproduce_bug.info
Description: application/gnuinfo
reproduce_bug.info.gz
Description: application/gzip
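
Reading the AddressSanitizer report above, as an added example (not part of the original message and not texinfo code): the script parses the report's key lines and cross-checks that the faulting address is the first byte past the 85-byte buffer and maps to the bracketed shadow byte. The shadow offset 0x7fff8000 is an assumption (ASan's default mapping on Linux x86_64); the function names are illustrative.

```python
import re

# Lines copied from the AddressSanitizer report above; mail-wrapped lines rejoined.
REPORT = """\
==15700==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x608000000175 at pc 0x557f4a3c44d9 bp 0x7ffc941cc2b0 sp 0x7ffc941cc2a0
READ of size 1 at 0x608000000175 thread T0
0x608000000175 is located 0 bytes to the right of 85-byte region [0x608000000120,0x608000000175)
0x0c107fff8010: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 06
=>0x0c107fff8020: fa fa fa fa 00 00 00 00 00 00 00 00 00 00[05]fa
0x0c107fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
"""

GRANULE = 8                 # one shadow byte describes 8 application bytes
SHADOW_OFFSET = 0x7FFF8000  # assumption: ASan default mapping on Linux x86_64


def shadow_addr(addr):
    """Address of the shadow byte that describes application address addr."""
    return addr // GRANULE + SHADOW_OFFSET


def triage(report):
    """Extract the facts needed to classify a heap ASan report and cross-check them."""
    head = re.search(r"AddressSanitizer: (\S+) on address (0x[0-9a-f]+)", report)
    access = re.search(r"^(READ|WRITE) of size (\d+)", report, re.M)
    region = re.search(r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)", report)
    row = re.search(r"^=>(0x[0-9a-f]+):(.*)$", report, re.M)
    if not (head and access and region and row):
        raise ValueError("missing header, access, region or marked shadow row")

    addr = int(head.group(2), 16)
    size = int(region.group(1))
    start, end = int(region.group(2), 16), int(region.group(3), 16)
    if end - start != size:
        raise ValueError("region bounds do not match the stated size")

    # Walk the marked shadow row; the byte printed in [brackets] is the faulting one.
    cells = list(re.finditer(r"\[([0-9a-f]{2})\]|([0-9a-f]{2})", row.group(2)))
    marked = [i for i, c in enumerate(cells) if c.group(1)]
    if len(marked) != 1:
        raise ValueError("expected exactly one bracketed shadow byte")
    marked_addr = int(row.group(1), 16) + marked[0]
    # For shadow values 01..07 this is the number of leading addressable bytes.
    valid = int(cells[marked[0]].group(1), 16)

    granule_base = addr - addr % GRANULE
    return {
        "kind": head.group(1),
        "access": access.group(1),
        "access_size": int(access.group(2)),
        "region_size": size,
        # 0 means the first byte past the buffer; negative would be inside it
        "bytes_past_end": addr - end,
        # does the faulting address map to the shadow byte ASan marked?
        "shadow_consistent": shadow_addr(addr) == marked_addr,
        "valid_bytes_in_granule": valid,
        # the partially addressable granule must stop exactly at the region end
        "granule_stops_at_end": granule_base + valid == end,
    }


if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(f"{key:24} {value}")
```

For this report every check passes: the access is a one-byte READ of the byte immediately after the 85-byte block allocated in filesys_read_info_file, which is the same location Valgrind flags as "0 bytes after a block of size 85".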
