Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 1320774 Details for
Bug 1487467
[abrt] reaver: parse_wps_tag(): wash killed by signal 11
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh92 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
File: backtrace
backtrace (text/plain), 17.92 KB, created by
Adam Hunt
on 2017-09-01 02:35:25 UTC
(
hide
)
Description:
File: backtrace
Filename:
MIME Type:
Creator:
Adam Hunt
Created:
2017-09-01 02:35:25 UTC
Size:
17.92 KB
patch
obsolete
>[New LWP 16866] >[Thread debugging using libthread_db enabled] >Using host libthread_db library "/lib64/libthread_db.so.1". >Core was generated by `wash -f /tmp/wifiteuzndX2/wifite-01.cap -C'. >Program terminated with signal SIGSEGV, Segmentation fault. >#0 0x0000007548a57620 in parse_wps_tag (tags=<optimized out>, len=<optimized out>, wps=<optimized out>) at libwps.c:106 >106 wps->locked = (uint8_t) el[0]; > >Thread 1 (Thread 0x7fe35b346700 (LWP 16866)): >#0 0x0000007548a57620 in parse_wps_tag (tags=<optimized out>, len=<optimized out>, wps=<optimized out>) at libwps.c:106 > wps_ie_data = 0x75499ac210 "\020J" > el = 0x0 > ptr = 0x0 > src = 0x0 > i = <optimized out> > wps_data_len = 20 > el_len = 1 > elements = {VERSION, STATE, LOCKED, MANUFACTURER, MODEL_NAME, MODEL_NUMBER, DEVICE_NAME, SSID, UUID, SERIAL, SELECTED_REGISTRAR, RESPONSE_TYPE, PRIMARY_DEVICE_TYPE, CONFIG_METHODS, RF_BANDS, OS_VERSION} >#1 0x0000007548a50a06 in parse_wps_settings (packet=0x75499af850 "\200", header=0x7ffdef8590a0, target=<optimized out>, passive=1, mode=0, source=1) at wpsmon.c:323 > rt_header = <optimized out> > frame_header = 0x75499af850 > wps = 0x75499c0870 > bssid = 0x75499ac420 "10:5F:06:7F:BD:A5" > ssid = 0x75499ac230 "CenturyLink0909" > lock_display = 0x0 > wps_parsed = 0 > probe_sent = 0 > channel = 1 > rssi = 0 > channel_changed = 0 >#2 0x0000007548a50b2f in monitor (bssid=0x0, passive=1, source=1, channel=<optimized out>, mode=0) at wpsmon.c:267 > act = {__sigaction_handler = {sa_handler = 0x0, sa_sigaction = 0x0}, sa_mask = {__val = {0 <repeats 16 times>}}, sa_flags = 0, sa_restorer = 0x0} > timer = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value = {tv_sec = 0, tv_usec = 0}} > header = {ts = {tv_sec = 1503742850, tv_usec = 727529}, caplen = 267, len = 267} > header_printed = 1 > packet = 0x75499af850 "\200" >#3 0x0000007548a504c4 in main (argc=<optimized out>, argv=0x7ffdef8594d8) at wpsmon.c:210 > c = <optimized out> > fp = <optimized out> > long_opt_index = 0 > i = <optimized out> > channel = 0 > passive = 1 > mode = 0 > source = <optimized out> > ret_val = 1 > bpf = {bf_len = 11, bf_insns = 0x75499acfc0} > out_file = 0x0 > last_optarg = 0x0 > target = 0x7ffdef859776 "/tmp/wifiteuzndX2/wifite-01.cap" > bssid = 0x0 > short_options = 0x7548a6b814 "i:c:n:o:b:5sfuCDh" > long_options = {{name = 0x7548a6b829 "bssid", has_arg = 1, flag = 0x0, val = 98}, {name = 0x7548a7abda "interface", has_arg = 1, flag = 0x0, val = 105}, {name = 0x7548a6b82f "channel", has_arg = 1, flag = 0x0, val = 99}, {name = 0x7548a6b837 "out-file", has_arg = 1, flag = 0x0, val = 111}, {name = 0x7548a6b840 "probes", has_arg = 1, flag = 0x0, val = 110}, {name = 0x7548a6b847 "daemonize", has_arg = 0, flag = 0x0, val = 68}, {name = 0x7548a6b83b "file", has_arg = 0, flag = 0x0, val = 102}, {name = 0x7548a6b851 "ignore-fcs", has_arg = 0, flag = 0x0, val = 67}, {name = 0x7548a6b85c "5ghz", has_arg = 0, flag = 0x0, val = 53}, {name = 0x7548a6b861 "scan", has_arg = 0, flag = 0x0, val = 115}, {name = 0x7548a6b866 "survey", has_arg = 0, flag = 0x0, val = 117}, {name = 0x7548a6b86d "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}} >From To Syms Read Shared Object Library >0x00007fe35af42f40 0x00007fe35af46942 Yes /lib64/libiw.so.29 >0x00007fe35ad3dde0 0x00007fe35ad3eb0e Yes /lib64/libdl.so.2 >0x00007fe35aa2cf00 0x00007fe35aaa9c5f Yes /lib64/libm.so.6 >0x00007fe35a7ea470 0x00007fe35a80b968 Yes /lib64/libpcap.so.1 >0x00007fe35a4f3da0 0x00007fe35a5b47d0 Yes /lib64/libsqlite3.so.0 >0x00007fe35a135b70 0x00007fe35a291f73 Yes /lib64/libc.so.6 >0x00007fe35b14ac50 0x00007fe35b169590 Yes /lib64/ld-linux-x86-64.so.2 >0x00007fe359efc860 0x00007fe359f0aaa1 Yes /lib64/libpthread.so.0 >$1 = 0x0 >rax 0x0 0 >rbx 0x7ffdef85a000 140728621965312 >rcx 0x0 0 >rdx 0x0 0 >rsi 0x14 20 >rdi 0x75499ac210 503746052624 >rbp 0x7548a79638 0x7548a79638 >rsp 0x7ffdef858ef0 0x7ffdef858ef0 >r8 0x1049 4169 >r9 0x14 20 >r10 0x10 16 >r11 0xe5 229 >r12 0x75499ac210 503746052624 >r13 0x7ffdef858f98 140728621961112 >r14 0x0 0 >r15 0x0 0 >rip 0x7548a57620 0x7548a57620 <parse_wps_tag+640> >eflags 0x10246 [ PF ZF IF RF ] >cs 0x33 51 >ss 0x2b 43 >ds 0x0 0 >es 0x0 0 >fs 0x0 0 >gs 0x0 0 >Dump of assembler code for function parse_wps_tag: > 0x0000007548a573a0 <+0>: push %r15 > 0x0000007548a573a2 <+2>: push %r14 > 0x0000007548a573a4 <+4>: push %r13 > 0x0000007548a573a6 <+6>: push %r12 > 0x0000007548a573a8 <+8>: push %rbp > 0x0000007548a573a9 <+9>: push %rbx > 0x0000007548a573aa <+10>: mov %rdx,%rbx > 0x0000007548a573ad <+13>: sub $0x108,%rsp > 0x0000007548a573b4 <+20>: mov %rdx,(%rsp) > 0x0000007548a573b8 <+24>: lea 0xa0(%rsp),%rdx > 0x0000007548a573c0 <+32>: movq $0x0,0xa0(%rsp) > 0x0000007548a573cc <+44>: mov %fs:0x28,%rax > 0x0000007548a573d5 <+53>: mov %rax,0xf8(%rsp) > 0x0000007548a573dd <+61>: xor %eax,%eax > 0x0000007548a573df <+63>: movq $0x0,0xa8(%rsp) > 0x0000007548a573eb <+75>: movl $0x104a,0xb0(%rsp) > 0x0000007548a573f6 <+86>: movl $0x1044,0xb4(%rsp) > 0x0000007548a57401 <+97>: movl $0x1057,0xb8(%rsp) > 0x0000007548a5740c <+108>: movl $0x1021,0xbc(%rsp) > 0x0000007548a57417 <+119>: movl $0x1023,0xc0(%rsp) > 0x0000007548a57422 <+130>: movl $0x1024,0xc4(%rsp) > 0x0000007548a5742d <+141>: movl $0x1011,0xc8(%rsp) > 0x0000007548a57438 <+152>: movl $0x1045,0xcc(%rsp) > 0x0000007548a57443 <+163>: movl $0x1047,0xd0(%rsp) > 0x0000007548a5744e <+174>: movl $0x1042,0xd4(%rsp) > 0x0000007548a57459 <+185>: movl $0x1041,0xd8(%rsp) > 0x0000007548a57464 <+196>: movl $0x103b,0xdc(%rsp) > 0x0000007548a5746f <+207>: movl $0x1054,0xe0(%rsp) > 0x0000007548a5747a <+218>: movl $0x1008,0xe4(%rsp) > 0x0000007548a57485 <+229>: movl $0x103c,0xe8(%rsp) > 0x0000007548a57490 <+240>: movl $0x102d,0xec(%rsp) > 0x0000007548a5749b <+251>: callq 0x7548a570c0 <get_wps_data> > 0x0000007548a574a0 <+256>: test %rax,%rax > 0x0000007548a574a3 <+259>: mov %rax,%r12 > 0x0000007548a574a6 <+262>: movb $0x2,0x2(%rbx) > 0x0000007548a574aa <+266>: je 0x7548a578c6 <parse_wps_tag+1318> > 0x0000007548a574b0 <+272>: mov %rbx,%rax > 0x0000007548a574b3 <+275>: lea 0x2217e(%rip),%rbp # 0x7548a79638 > 0x0000007548a574ba <+282>: lea 0xb4(%rsp),%rbx > 0x0000007548a574c2 <+290>: lea 0x3(%rax),%rsi > 0x0000007548a574c6 <+294>: lea 0xa8(%rsp),%r13 > 0x0000007548a574ce <+302>: mov $0x104a,%r15d > 0x0000007548a574d4 <+308>: mov %rsi,0x98(%rsp) > 0x0000007548a574dc <+316>: lea 0x10b(%rax),%rsi > 0x0000007548a574e3 <+323>: mov %rsi,0x18(%rsp) > 0x0000007548a574e8 <+328>: lea 0xb(%rax),%rsi > 0x0000007548a574ec <+332>: mov %rsi,0x28(%rsp) > 0x0000007548a574f1 <+337>: lea 0x103(%rax),%rsi > 0x0000007548a574f8 <+344>: mov %rsi,0x78(%rsp) > 0x0000007548a574fd <+349>: lea 0x20b(%rax),%rsi > 0x0000007548a57504 <+356>: mov %rsi,0x10(%rsp) > 0x0000007548a57509 <+361>: lea 0x203(%rax),%rsi > 0x0000007548a57510 <+368>: mov %rsi,0x50(%rsp) > 0x0000007548a57515 <+373>: lea 0x30b(%rax),%rsi > 0x0000007548a5751c <+380>: mov %rsi,0x8(%rsp) > 0x0000007548a57521 <+385>: lea 0x303(%rax),%rsi > 0x0000007548a57528 <+392>: mov %rsi,0x30(%rsp) > 0x0000007548a5752d <+397>: lea 0x40b(%rax),%rsi > 0x0000007548a57534 <+404>: mov %rsi,0x20(%rsp) > 0x0000007548a57539 <+409>: lea 0x403(%rax),%rsi > 0x0000007548a57540 <+416>: mov %rsi,0x80(%rsp) > 0x0000007548a57548 <+424>: lea 0x50b(%rax),%rsi > 0x0000007548a5754f <+431>: mov %rsi,0x60(%rsp) > 0x0000007548a57554 <+436>: lea 0x503(%rax),%rsi > 0x0000007548a5755b <+443>: mov %rsi,0x58(%rsp) > 0x0000007548a57560 <+448>: lea 0x603(%rax),%rsi > 0x0000007548a57567 <+455>: mov %rsi,0x38(%rsp) > 0x0000007548a5756c <+460>: lea 0x703(%rax),%rsi > 0x0000007548a57573 <+467>: mov %rsi,0x88(%rsp) > 0x0000007548a5757b <+475>: lea 0x803(%rax),%rsi > 0x0000007548a57582 <+482>: mov %rsi,0x68(%rsp) > 0x0000007548a57587 <+487>: lea 0x903(%rax),%rsi > 0x0000007548a5758e <+494>: mov %rsi,0x40(%rsp) > 0x0000007548a57593 <+499>: lea 0xa03(%rax),%rsi > 0x0000007548a5759a <+506>: mov %rsi,0x90(%rsp) > 0x0000007548a575a2 <+514>: lea 0xb03(%rax),%rsi > 0x0000007548a575a9 <+521>: add $0xc03,%rax > 0x0000007548a575af <+527>: mov %rax,0x48(%rsp) > 0x0000007548a575b4 <+532>: mov %rsi,0x70(%rsp) > 0x0000007548a575b9 <+537>: nopl 0x0(%rax) > 0x0000007548a575c0 <+544>: mov 0xa0(%rsp),%rsi > 0x0000007548a575c8 <+552>: movzwl %r15w,%edx > 0x0000007548a575cc <+556>: mov %r13,%rcx > 0x0000007548a575cf <+559>: mov %r12,%rdi > 0x0000007548a575d2 <+562>: callq 0x7548a571b0 <get_wps_data_element> > 0x0000007548a575d7 <+567>: test %rax,%rax > 0x0000007548a575da <+570>: mov %rax,%r14 > 0x0000007548a575dd <+573>: je 0x7548a57620 <parse_wps_tag+640> > 0x0000007548a575df <+575>: cmpq $0x100,0xa8(%rsp) > 0x0000007548a575eb <+587>: jbe 0x7548a575f9 <parse_wps_tag+601> > 0x0000007548a575ed <+589>: movq $0x100,0xa8(%rsp) > 0x0000007548a575f9 <+601>: lea -0x1008(%r15),%r8d > 0x0000007548a57600 <+608>: cmp $0x4f,%r8d > 0x0000007548a57604 <+612>: ja 0x7548a57620 <parse_wps_tag+640> > 0x0000007548a57606 <+614>: movslq 0x0(%rbp,%r8,4),%rax > 0x0000007548a5760b <+619>: add %rbp,%rax > 0x0000007548a5760e <+622>: jmpq *%rax > 0x0000007548a57610 <+624>: movzbl (%r14),%eax > 0x0000007548a57614 <+628>: mov (%rsp),%rsi > 0x0000007548a57618 <+632>: mov %al,0x2(%rsi) > 0x0000007548a5761b <+635>: nopl 0x0(%rax,%rax,1) >=> 0x0000007548a57620 <+640>: mov (%rbx),%r15d > 0x0000007548a57623 <+643>: add $0x4,%rbx > 0x0000007548a57627 <+647>: jmp 0x7548a575c0 <parse_wps_tag+544> > 0x0000007548a57629 <+649>: nopl 0x0(%rax) > 0x0000007548a57630 <+656>: mov 0xa8(%rsp),%esi > 0x0000007548a57637 <+663>: mov %r14,%rdi > 0x0000007548a5763a <+666>: callq 0x7548a572d0 <hex2str> > 0x0000007548a5763f <+671>: mov 0x40(%rsp),%r8 > 0x0000007548a57644 <+676>: mov %rax,%r15 > 0x0000007548a57647 <+679>: nopw 0x0(%rax,%rax,1) > 0x0000007548a57650 <+688>: lea 0x8(%r8),%rdi > 0x0000007548a57654 <+692>: mov %r8,%rcx > 0x0000007548a57657 <+695>: xor %eax,%eax > 0x0000007548a57659 <+697>: movq $0x0,(%r8) > 0x0000007548a57660 <+704>: movq $0x0,0xf8(%r8) > 0x0000007548a5766b <+715>: and $0xfffffffffffffff8,%rdi > 0x0000007548a5766f <+719>: sub %rdi,%rcx > 0x0000007548a57672 <+722>: add $0x100,%ecx > 0x0000007548a57678 <+728>: shr $0x3,%ecx > 0x0000007548a5767b <+731>: test %r15,%r15 > 0x0000007548a5767e <+734>: rep stos %rax,%es:(%rdi) > 0x0000007548a57681 <+737>: je 0x7548a5771c <parse_wps_tag+892> > 0x0000007548a57687 <+743>: mov %r8,%rdi > 0x0000007548a5768a <+746>: mov $0x100,%edx > 0x0000007548a5768f <+751>: mov %r15,%rsi > 0x0000007548a57692 <+754>: callq 0x7548a4fd90 > 0x0000007548a57697 <+759>: mov %r15,%rdi > 0x0000007548a5769a <+762>: callq 0x7548a4fd50 > 0x0000007548a5769f <+767>: mov %r14,%rdi > 0x0000007548a576a2 <+770>: callq 0x7548a4fd50 > 0x0000007548a576a7 <+775>: jmpq 0x7548a57620 <parse_wps_tag+640> > 0x0000007548a576ac <+780>: nopl 0x0(%rax) > 0x0000007548a576b0 <+784>: movzbl (%r14),%eax > 0x0000007548a576b4 <+788>: mov (%rsp),%rsi > 0x0000007548a576b8 <+792>: mov %al,(%rsi) > 0x0000007548a576ba <+794>: jmpq 0x7548a57620 <parse_wps_tag+640> > 0x0000007548a576bf <+799>: nop > 0x0000007548a576c0 <+800>: mov 0xa8(%rsp),%esi > 0x0000007548a576c7 <+807>: mov %r14,%rdi > 0x0000007548a576ca <+810>: callq 0x7548a572d0 <hex2str> > 0x0000007548a576cf <+815>: mov 0x58(%rsp),%r8 > 0x0000007548a576d4 <+820>: mov %rax,%r15 > 0x0000007548a576d7 <+823>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a576dc <+828>: nopl 0x0(%rax) > 0x0000007548a576e0 <+832>: mov 0x80(%rsp),%rax > 0x0000007548a576e8 <+840>: movq $0x0,(%rax) > 0x0000007548a576ef <+847>: mov 0x60(%rsp),%rsi > 0x0000007548a576f4 <+852>: mov %rax,%r8 > 0x0000007548a576f7 <+855>: movq $0x0,-0x10(%rsi) > 0x0000007548a576ff <+863>: mov 0x20(%rsp),%rdi > 0x0000007548a57704 <+868>: and $0xfffffffffffffff8,%rdi > 0x0000007548a57708 <+872>: sub %rdi,%rax > 0x0000007548a5770b <+875>: mov %rax,%rcx > 0x0000007548a5770e <+878>: xor %eax,%eax > 0x0000007548a57710 <+880>: add $0x100,%ecx > 0x0000007548a57716 <+886>: shr $0x3,%ecx > 0x0000007548a57719 <+889>: rep stos %rax,%es:(%rdi) > 0x0000007548a5771c <+892>: mov 0xa8(%rsp),%rdx > 0x0000007548a57724 <+900>: mov %r14,%rsi > 0x0000007548a57727 <+903>: mov %r8,%rdi > 0x0000007548a5772a <+906>: callq 0x7548a4ff30 > 0x0000007548a5772f <+911>: jmpq 0x7548a5769f <parse_wps_tag+767> > 0x0000007548a57734 <+916>: nopl 0x0(%rax) > 0x0000007548a57738 <+920>: movzbl (%r14),%eax > 0x0000007548a5773c <+924>: mov (%rsp),%rsi > 0x0000007548a57740 <+928>: mov %al,0x1(%rsi) > 0x0000007548a57743 <+931>: jmpq 0x7548a57620 <parse_wps_tag+640> > 0x0000007548a57748 <+936>: nopl 0x0(%rax,%rax,1) > 0x0000007548a57750 <+944>: mov 0xa8(%rsp),%esi > 0x0000007548a57757 <+951>: mov %r14,%rdi > 0x0000007548a5775a <+954>: callq 0x7548a572d0 <hex2str> > 0x0000007548a5775f <+959>: mov 0x38(%rsp),%r8 > 0x0000007548a57764 <+964>: mov %rax,%r15 > 0x0000007548a57767 <+967>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a5776c <+972>: nopl 0x0(%rax) > 0x0000007548a57770 <+976>: mov 0xa8(%rsp),%esi > 0x0000007548a57777 <+983>: mov %r14,%rdi > 0x0000007548a5777a <+986>: callq 0x7548a572d0 <hex2str> > 0x0000007548a5777f <+991>: mov 0x88(%rsp),%r8 > 0x0000007548a57787 <+999>: mov %rax,%r15 > 0x0000007548a5778a <+1002>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a5778f <+1007>: nop > 0x0000007548a57790 <+1008>: mov 0xa8(%rsp),%esi > 0x0000007548a57797 <+1015>: mov %r14,%rdi > 0x0000007548a5779a <+1018>: callq 0x7548a572d0 <hex2str> > 0x0000007548a5779f <+1023>: mov 0x70(%rsp),%r8 > 0x0000007548a577a4 <+1028>: mov %rax,%r15 > 0x0000007548a577a7 <+1031>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a577ac <+1036>: nopl 0x0(%rax) > 0x0000007548a577b0 <+1040>: mov 0xa8(%rsp),%esi > 0x0000007548a577b7 <+1047>: mov %r14,%rdi > 0x0000007548a577ba <+1050>: callq 0x7548a572d0 <hex2str> > 0x0000007548a577bf <+1055>: mov 0x68(%rsp),%r8 > 0x0000007548a577c4 <+1060>: mov %rax,%r15 > 0x0000007548a577c7 <+1063>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a577cc <+1068>: nopl 0x0(%rax) > 0x0000007548a577d0 <+1072>: mov 0xa8(%rsp),%esi > 0x0000007548a577d7 <+1079>: mov %r14,%rdi > 0x0000007548a577da <+1082>: callq 0x7548a572d0 <hex2str> > 0x0000007548a577df <+1087>: mov 0x48(%rsp),%r8 > 0x0000007548a577e4 <+1092>: mov %rax,%r15 > 0x0000007548a577e7 <+1095>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a577ec <+1100>: nopl 0x0(%rax) > 0x0000007548a577f0 <+1104>: mov 0x50(%rsp),%rax > 0x0000007548a577f5 <+1109>: movq $0x0,(%rax) > 0x0000007548a577fc <+1116>: mov 0x8(%rsp),%rsi > 0x0000007548a57801 <+1121>: mov %rax,%r8 > 0x0000007548a57804 <+1124>: movq $0x0,-0x10(%rsi) > 0x0000007548a5780c <+1132>: mov 0x10(%rsp),%rdi > 0x0000007548a57811 <+1137>: jmpq 0x7548a57704 <parse_wps_tag+868> > 0x0000007548a57816 <+1142>: nopw %cs:0x0(%rax,%rax,1) > 0x0000007548a57820 <+1152>: mov 0x78(%rsp),%rax > 0x0000007548a57825 <+1157>: movq $0x0,(%rax) > 0x0000007548a5782c <+1164>: mov 0x10(%rsp),%rsi > 0x0000007548a57831 <+1169>: mov %rax,%r8 > 0x0000007548a57834 <+1172>: movq $0x0,-0x10(%rsi) > 0x0000007548a5783c <+1180>: mov 0x18(%rsp),%rdi > 0x0000007548a57841 <+1185>: jmpq 0x7548a57704 <parse_wps_tag+868> > 0x0000007548a57846 <+1190>: nopw %cs:0x0(%rax,%rax,1) > 0x0000007548a57850 <+1200>: mov 0x98(%rsp),%rax > 0x0000007548a57858 <+1208>: movq $0x0,(%rax) > 0x0000007548a5785f <+1215>: mov 0x18(%rsp),%rsi > 0x0000007548a57864 <+1220>: mov %rax,%r8 > 0x0000007548a57867 <+1223>: movq $0x0,-0x10(%rsi) > 0x0000007548a5786f <+1231>: mov 0x28(%rsp),%rdi > 0x0000007548a57874 <+1236>: jmpq 0x7548a57704 <parse_wps_tag+868> > 0x0000007548a57879 <+1241>: nopl 0x0(%rax) > 0x0000007548a57880 <+1248>: mov 0xa8(%rsp),%esi > 0x0000007548a57887 <+1255>: mov %r14,%rdi > 0x0000007548a5788a <+1258>: callq 0x7548a572d0 <hex2str> > 0x0000007548a5788f <+1263>: mov 0x90(%rsp),%r8 > 0x0000007548a57897 <+1271>: mov %rax,%r15 > 0x0000007548a5789a <+1274>: jmpq 0x7548a57650 <parse_wps_tag+688> > 0x0000007548a5789f <+1279>: nop > 0x0000007548a578a0 <+1280>: mov 0x30(%rsp),%rax > 0x0000007548a578a5 <+1285>: movq $0x0,(%rax) > 0x0000007548a578ac <+1292>: mov 0x20(%rsp),%rsi > 0x0000007548a578b1 <+1297>: mov %rax,%r8 > 0x0000007548a578b4 <+1300>: movq $0x0,-0x10(%rsi) > 0x0000007548a578bc <+1308>: mov 0x8(%rsp),%rdi > 0x0000007548a578c1 <+1313>: jmpq 0x7548a57704 <parse_wps_tag+868> > 0x0000007548a578c6 <+1318>: xor %eax,%eax > 0x0000007548a578c8 <+1320>: mov 0xf8(%rsp),%rbx > 0x0000007548a578d0 <+1328>: xor %fs:0x28,%rbx > 0x0000007548a578d9 <+1337>: jne 0x7548a578ed <parse_wps_tag+1357> > 0x0000007548a578db <+1339>: add $0x108,%rsp > 0x0000007548a578e2 <+1346>: pop %rbx > 0x0000007548a578e3 <+1347>: pop %rbp > 0x0000007548a578e4 <+1348>: pop %r12 > 0x0000007548a578e6 <+1350>: pop %r13 > 0x0000007548a578e8 <+1352>: pop %r14 > 0x0000007548a578ea <+1354>: pop %r15 > 0x0000007548a578ec <+1356>: retq > 0x0000007548a578ed <+1357>: callq 0x7548a4fe28 >End of assembler dump. >== EXPLOITABLE ==
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1320774">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1487467
: 1320774 |
1320775
|
1320776
|
1320777
|
1320778
|
1320779
|
1320780
|
1320781
|
1320782
|
1320783
|
1320784
|
1320785