Segmentation fault in rtextures.c #3924

@gabe-sherman

A segmentation fault occurs in the below program when provided with malformed input. This behavior occurs at line 497 in rtextures.c.

#include <stdio.h>
#include <stdarg.h>
#include <string.h>
#include <stdlib.h>
#include "raylib.h"

int main(int argc, char *argv[])
{   
    /* Follows conventions of example: 
     * https://www.raylib.com/examples/textures/loader.html.
    */
    LoadImageAnim(argv[1], 0);
    return 0;
}

Test Environment

Ubuntu 22.04, 64bit

How to trigger

./filename poc

Version

Latest: a17a81f

Poc File

https://github.com/FuturesLab/POC/blob/main/raylib/poc-01

Address Sanitizer Output

INFO: FILEIO: [poc] File loaded successfully
/home/gabesherman/harness_test/AutoHarn-Evaluation/raylib/lib_asan/src/rtextures.c:497:20: runtime error: null pointer passed as argument 1, which is declared to never be null
/usr/include/string.h:157:33: note: nonnull attribute specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/gabesherman/harness_test/AutoHarn-Evaluation/raylib/lib_asan/src/rtextures.c:497:20 in 
AddressSanitizer:DEADLYSIGNAL
=================================================================
==796613==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5555558631c0 bp 0x7fffffffd150 sp 0x7fffffffc900 T0)
==796613==The signal is caused by a READ memory access.
==796613==Hint: address points to the zero page.
    #0 0x5555558631c0 in strcmp (/home/gabesherman/harness_test/AutoHarn-Results/raylib/autoharn-01/reproducer+0x30f1c0) (BuildId: b466ca905c38f765c156e6174957383803cf2c0e)
    #1 0x555555957155 in LoadImageFromMemory /home/gabesherman/harness_test/AutoHarn-Evaluation/raylib/lib_asan/src/rtextures.c:497:13
    #2 0x555555956f42 in LoadImage /home/gabesherman/harness_test/AutoHarn-Evaluation/raylib/lib_asan/src/rtextures.c:296:35
    #3 0x555555958da0 in LoadImageAnim /home/gabesherman/harness_test/AutoHarn-Evaluation/raylib/lib_asan/src/rtextures.c:443:17
    #4 0x55555590a3d4 in main /home/gabesherman/harness_test/AutoHarn-Results/raylib/autoharn-01/reproducer.c:12:5
    #5 0x7ffff7c29d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #6 0x7ffff7c29e3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #7 0x55555584c6a4 in _start (/home/gabesherman/harness_test/AutoHarn-Results/raylib/autoharn-01/reproducer+0x2f86a4) (BuildId: b466ca905c38f765c156e6174957383803cf2c0e)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/gabesherman/harness_test/AutoHarn-Results/raylib/autoharn-01/reproducer+0x30f1c0) (BuildId: b466ca905c38f765c156e6174957383803cf2c0e) in strcmp
==796613==ABORTING
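
The null-pointer `strcmp` from the trace above, reduced to a stand-alone sketch beside a guarded variant. This is an added example, not raylib's code and not from the reporter. It assumes the type string comes from a file-extension lookup that returns NULL for a name such as `poc`; the report does not state where the NULL originates, and `ext_of`, `detect_unguarded` and `detect_guarded` are hypothetical names.

```c
/* Added example, not raylib source. All names here are hypothetical. */
#include <stdio.h>
#include <string.h>

enum fmt { FMT_UNKNOWN = 0, FMT_PNG, FMT_GIF };

/* Assumed extension lookup: NULL when the name has no '.', or only a leading one. */
static const char *ext_of(const char *name)
{
    if (name == NULL) return NULL;
    const char *dot = strrchr(name, '.');
    return (dot == NULL || dot == name) ? NULL : dot;
}

/* Unguarded dispatch: strcmp() dereferences 'type', so a NULL type is a SEGV. */
static enum fmt detect_unguarded(const char *type)
{
    if (strcmp(type, ".png") == 0) return FMT_PNG;
    if (strcmp(type, ".gif") == 0) return FMT_GIF;
    return FMT_UNKNOWN;
}

/* Guarded dispatch: reject a missing type or empty buffer before any strcmp(). */
static enum fmt detect_guarded(const char *type, const unsigned char *data, int size)
{
    if (type == NULL || data == NULL || size <= 0) return FMT_UNKNOWN;
    return detect_unguarded(type);
}

int main(void)
{
    const unsigned char data[] = { 0x89, 'P', 'N', 'G' };                 /* constructed sample bytes */
    const char *names[] = { "image.png", "anim.gif", "poc", ".hidden" };  /* constructed file names */

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        const char *ext = ext_of(names[i]);
        printf("%-10s ext=%-6s fmt=%d\n", names[i], ext ? ext : "(null)",
               detect_guarded(ext, data, (int)sizeof data));
    }
    return 0;
}
```

Building with `-fsanitize=address,undefined`, as the reporter did, and calling `detect_unguarded(ext_of("poc"))` produces the same pair of diagnostics shown in the trace.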
