Hi, while fuzzing another piece of software (FreeTDS), I came across a crash that was in libtasn1, not the software I was fuzzing. It looks like a double free.

Faulting Frame:
   None @ 0x00007ffff512e22a: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
Disassembly:
Stack Head (13 entries):
   __GI_raise             @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   __GI_abort             @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   __libc_message         @ 0x00007ffff65727ea: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   malloc_printerr        @ 0x00007ffff657b477: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   _int_free              @ 0x00007ffff657b477: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   __GI___libc_free       @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   None                   @ 0x00007ffff512e22a: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
   asn1_delete_structure2 @ 0x00007ffff512f418: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
   None                   @ 0x00007ffff720e27c: in /usr/lib/x86_64-linux-gnu/libgnutls.so.30.6.2
   _dl_fini               @ 0x00007ffff7de7c17: in /lib/x86_64-linux-gnu/ld-2.23.so
   __run_exit_handlers    @ 0x00007ffff6534ff8: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   __GI_exit              @ 0x00007ffff6535045: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
   main                   @ 0x00000000004070bd: in /root/freetds/build/src/apps/tsql
Registers:
   rax=0x0000000000000000 rbx=0x0000000000000067 rcx=0x00007ffff6530428 rdx=0x0000000000000006
   rsi=0x0000000000003221 rdi=0x0000000000003221 rbp=0x00007fffffffdb30 rsp=0x00007fffffffd798
   r8=0x0000000000000004  r9=0x0000000000000000  r10=0x0000000000000008 r11=0x0000000000000206
   r12=0x0000000000000067 r13=0x00007fffffffd948 r14=0x00007fffffffd948 r15=0x0000000000000002
   rip=0x00007ffff6530428 efl=0x0000000000000206 cs=0x0000000000000033  ss=0x000000000000002b
   ds=0x0000000000000000  es=0x0000000000000000  fs=0x0000000000000000  gs=0x0000000000000000

Since this is potentially security sensitive, how can I get the details to the proper person/people?
