Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 1351411 Details for
Bug 1512397
[abrt] reaver: parse_wps_tag(): reaver killed by SIGSEGV
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh92 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
File: backtrace
backtrace (text/plain), 17.32 KB, created by
Alex Smirnoff
on 2017-11-13 06:21:29 UTC
(
hide
)
Description:
File: backtrace
Filename:
MIME Type:
Creator:
Alex Smirnoff
Created:
2017-11-13 06:21:29 UTC
Size:
17.32 KB
patch
obsolete
>[New LWP 6243] >[Thread debugging using libthread_db enabled] >Using host libthread_db library "/lib64/libthread_db.so.1". >Core was generated by `reaver -i wlp0s26f7u3mon -c 11 -b F8:D1:11:AE:B1:2E -vv'. >Program terminated with signal SIGSEGV, Segmentation fault. >#0 0x000055fa79abced0 in parse_wps_tag (tags=<optimized out>, len=<optimized out>, wps=wps@entry=0x7ffc27ea6200) at libwps.c:106 >106 wps->locked = (uint8_t) el[0]; > >Thread 1 (Thread 0x7f8dd7914700 (LWP 6243)): >#0 0x000055fa79abced0 in parse_wps_tag (tags=<optimized out>, len=<optimized out>, wps=wps@entry=0x7ffc27ea6200) at libwps.c:106 > wps_ie_data = 0x55fa7a062270 "\020J" > el = 0x0 > ptr = 0x0 > src = 0x0 > i = <optimized out> > wps_data_len = 59 > el_len = 1 > elements = {VERSION, STATE, LOCKED, MANUFACTURER, MODEL_NAME, MODEL_NUMBER, DEVICE_NAME, SSID, UUID, SERIAL, SELECTED_REGISTRAR, RESPONSE_TYPE, PRIMARY_DEVICE_TYPE, CONFIG_METHODS, RF_BANDS, OS_VERSION} >#1 0x000055fa79abd226 in parse_wps_parameters (packet=packet@entry=0x55fa7a009b30 "", len=<optimized out>, wps=wps@entry=0x7ffc27ea6200) at libwps.c:47 > data = <optimized out> > data_len = <optimized out> > offset = <optimized out> > rt_header = <optimized out> >#2 0x000055fa79ab6f5d in is_wps_locked () at 80211.c:205 > wps = {version = 16 '\020', state = 2 '\002', locked = 2 '\002', manufacturer = '\000' <repeats 255 times>, model_name = '\000' <repeats 255 times>, model_number = '\000' <repeats 255 times>, device_name = '\000' <repeats 255 times>, ssid = '\000' <repeats 255 times>, uuid = '0' <repeats 12 times>, "10000000F8D111AEB110", '\000' <repeats 223 times>, serial = '\000' <repeats 255 times>, selected_registrar = '\000' <repeats 255 times>, response_type = '\000' <repeats 255 times>, primary_device_type = '\000' <repeats 255 times>, config_methods = '\000' <repeats 255 times>, rf_bands = "01", '\000' <repeats 253 times>, os_version = '\000' <repeats 255 times>} > header = {ts = {tv_sec = 1510525326, tv_usec = 473108}, caplen = 299, len = 299} > packet = 0x55fa7a009b30 "" > rt_header = <optimized out> > frame_header = 0x55fa7a009b42 >#3 0x000055fa79ab8e57 in crack () at cracker.c:141 > bssid = 0x55fa7a063220 "F8:D1:11:AE:B1:2E" > pin = 0x0 > fail_count = 0 > loop_count = 0 > sleep_count = 0 > assoc_fail_count = <optimized out> > pin_count = 0 > start_time = 1510525325 > result = <optimized out> >#4 0x000055fa79ab6042 in main (argc=8, argv=<optimized out>) at wpscrack.c:103 > ret_val = 1 > r = 0 > start_time = 1510525324 > end_time = 0 > wps = 0x0 >From To Syms Read Shared Object Library >0x00007f8dd7516f40 0x00007f8dd751a942 Yes /lib64/libiw.so.29 >0x00007f8dd7311de0 0x00007f8dd7312b0e Yes /lib64/libdl.so.2 >0x00007f8dd7000f00 0x00007f8dd707dc5f Yes /lib64/libm.so.6 >0x00007f8dd6dbe470 0x00007f8dd6ddf968 Yes /lib64/libpcap.so.1 >0x00007f8dd6ac7da0 0x00007f8dd6b887c0 Yes /lib64/libsqlite3.so.0 >0x00007f8dd6705f00 0x00007f8dd6865703 Yes /lib64/libc.so.6 >0x00007f8dd771ec50 0x00007f8dd773d5a0 Yes /lib64/ld-linux-x86-64.so.2 >0x00007f8dd64cc860 0x00007f8dd64dab91 Yes /lib64/libpthread.so.0 >$1 = 0x0 >rax 0x0 0 >rbx 0x7ffc27ea9000 140720978169856 >rcx 0x0 0 >rdx 0x0 0 >rsi 0x3b 59 >rdi 0x55fa7a062270 94534277407344 >rbp 0x55fa79adf280 0x55fa79adf280 >rsp 0x7ffc27ea60a0 0x7ffc27ea60a0 >r8 0x1049 4169 >r9 0x3b 59 >r10 0x37 55 >r11 0x0 0 >r12 0x55fa7a062270 94534277407344 >r13 0x7ffc27ea6148 140720978157896 >r14 0x0 0 >r15 0x0 0 >rip 0x55fa79abced0 0x55fa79abced0 <parse_wps_tag+640> >eflags 0x10246 [ PF ZF IF RF ] >cs 0x33 51 >ss 0x2b 43 >ds 0x0 0 >es 0x0 0 >fs 0x0 0 >gs 0x0 0 >Dump of assembler code for function parse_wps_tag: > 0x000055fa79abcc50 <+0>: push %r15 > 0x000055fa79abcc52 <+2>: push %r14 > 0x000055fa79abcc54 <+4>: push %r13 > 0x000055fa79abcc56 <+6>: push %r12 > 0x000055fa79abcc58 <+8>: push %rbp > 0x000055fa79abcc59 <+9>: push %rbx > 0x000055fa79abcc5a <+10>: mov %rdx,%rbx > 0x000055fa79abcc5d <+13>: sub $0x108,%rsp > 0x000055fa79abcc64 <+20>: mov %rdx,(%rsp) > 0x000055fa79abcc68 <+24>: lea 0xa0(%rsp),%rdx > 0x000055fa79abcc70 <+32>: movq $0x0,0xa0(%rsp) > 0x000055fa79abcc7c <+44>: mov %fs:0x28,%rax > 0x000055fa79abcc85 <+53>: mov %rax,0xf8(%rsp) > 0x000055fa79abcc8d <+61>: xor %eax,%eax > 0x000055fa79abcc8f <+63>: movq $0x0,0xa8(%rsp) > 0x000055fa79abcc9b <+75>: movl $0x104a,0xb0(%rsp) > 0x000055fa79abcca6 <+86>: movl $0x1044,0xb4(%rsp) > 0x000055fa79abccb1 <+97>: movl $0x1057,0xb8(%rsp) > 0x000055fa79abccbc <+108>: movl $0x1021,0xbc(%rsp) > 0x000055fa79abccc7 <+119>: movl $0x1023,0xc0(%rsp) > 0x000055fa79abccd2 <+130>: movl $0x1024,0xc4(%rsp) > 0x000055fa79abccdd <+141>: movl $0x1011,0xc8(%rsp) > 0x000055fa79abcce8 <+152>: movl $0x1045,0xcc(%rsp) > 0x000055fa79abccf3 <+163>: movl $0x1047,0xd0(%rsp) > 0x000055fa79abccfe <+174>: movl $0x1042,0xd4(%rsp) > 0x000055fa79abcd09 <+185>: movl $0x1041,0xd8(%rsp) > 0x000055fa79abcd14 <+196>: movl $0x103b,0xdc(%rsp) > 0x000055fa79abcd1f <+207>: movl $0x1054,0xe0(%rsp) > 0x000055fa79abcd2a <+218>: movl $0x1008,0xe4(%rsp) > 0x000055fa79abcd35 <+229>: movl $0x103c,0xe8(%rsp) > 0x000055fa79abcd40 <+240>: movl $0x102d,0xec(%rsp) > 0x000055fa79abcd4b <+251>: callq 0x55fa79abc970 <get_wps_data> > 0x000055fa79abcd50 <+256>: test %rax,%rax > 0x000055fa79abcd53 <+259>: mov %rax,%r12 > 0x000055fa79abcd56 <+262>: movb $0x2,0x2(%rbx) > 0x000055fa79abcd5a <+266>: je 0x55fa79abd176 <parse_wps_tag+1318> > 0x000055fa79abcd60 <+272>: mov %rbx,%rax > 0x000055fa79abcd63 <+275>: lea 0x22516(%rip),%rbp # 0x55fa79adf280 > 0x000055fa79abcd6a <+282>: lea 0xb4(%rsp),%rbx > 0x000055fa79abcd72 <+290>: lea 0x3(%rax),%rsi > 0x000055fa79abcd76 <+294>: lea 0xa8(%rsp),%r13 > 0x000055fa79abcd7e <+302>: mov $0x104a,%r15d > 0x000055fa79abcd84 <+308>: mov %rsi,0x98(%rsp) > 0x000055fa79abcd8c <+316>: lea 0x10b(%rax),%rsi > 0x000055fa79abcd93 <+323>: mov %rsi,0x18(%rsp) > 0x000055fa79abcd98 <+328>: lea 0xb(%rax),%rsi > 0x000055fa79abcd9c <+332>: mov %rsi,0x28(%rsp) > 0x000055fa79abcda1 <+337>: lea 0x103(%rax),%rsi > 0x000055fa79abcda8 <+344>: mov %rsi,0x78(%rsp) > 0x000055fa79abcdad <+349>: lea 0x20b(%rax),%rsi > 0x000055fa79abcdb4 <+356>: mov %rsi,0x10(%rsp) > 0x000055fa79abcdb9 <+361>: lea 0x203(%rax),%rsi > 0x000055fa79abcdc0 <+368>: mov %rsi,0x50(%rsp) > 0x000055fa79abcdc5 <+373>: lea 0x30b(%rax),%rsi > 0x000055fa79abcdcc <+380>: mov %rsi,0x8(%rsp) > 0x000055fa79abcdd1 <+385>: lea 0x303(%rax),%rsi > 0x000055fa79abcdd8 <+392>: mov %rsi,0x30(%rsp) > 0x000055fa79abcddd <+397>: lea 0x40b(%rax),%rsi > 0x000055fa79abcde4 <+404>: mov %rsi,0x20(%rsp) > 0x000055fa79abcde9 <+409>: lea 0x403(%rax),%rsi > 0x000055fa79abcdf0 <+416>: mov %rsi,0x80(%rsp) > 0x000055fa79abcdf8 <+424>: lea 0x50b(%rax),%rsi > 0x000055fa79abcdff <+431>: mov %rsi,0x60(%rsp) > 0x000055fa79abce04 <+436>: lea 0x503(%rax),%rsi > 0x000055fa79abce0b <+443>: mov %rsi,0x58(%rsp) > 0x000055fa79abce10 <+448>: lea 0x603(%rax),%rsi > 0x000055fa79abce17 <+455>: mov %rsi,0x38(%rsp) > 0x000055fa79abce1c <+460>: lea 0x703(%rax),%rsi > 0x000055fa79abce23 <+467>: mov %rsi,0x88(%rsp) > 0x000055fa79abce2b <+475>: lea 0x803(%rax),%rsi > 0x000055fa79abce32 <+482>: mov %rsi,0x68(%rsp) > 0x000055fa79abce37 <+487>: lea 0x903(%rax),%rsi > 0x000055fa79abce3e <+494>: mov %rsi,0x40(%rsp) > 0x000055fa79abce43 <+499>: lea 0xa03(%rax),%rsi > 0x000055fa79abce4a <+506>: mov %rsi,0x90(%rsp) > 0x000055fa79abce52 <+514>: lea 0xb03(%rax),%rsi > 0x000055fa79abce59 <+521>: add $0xc03,%rax > 0x000055fa79abce5f <+527>: mov %rax,0x48(%rsp) > 0x000055fa79abce64 <+532>: mov %rsi,0x70(%rsp) > 0x000055fa79abce69 <+537>: nopl 0x0(%rax) > 0x000055fa79abce70 <+544>: mov 0xa0(%rsp),%rsi > 0x000055fa79abce78 <+552>: movzwl %r15w,%edx > 0x000055fa79abce7c <+556>: mov %r13,%rcx > 0x000055fa79abce7f <+559>: mov %r12,%rdi > 0x000055fa79abce82 <+562>: callq 0x55fa79abca60 <get_wps_data_element> > 0x000055fa79abce87 <+567>: test %rax,%rax > 0x000055fa79abce8a <+570>: mov %rax,%r14 > 0x000055fa79abce8d <+573>: je 0x55fa79abced0 <parse_wps_tag+640> > 0x000055fa79abce8f <+575>: cmpq $0x100,0xa8(%rsp) > 0x000055fa79abce9b <+587>: jbe 0x55fa79abcea9 <parse_wps_tag+601> > 0x000055fa79abce9d <+589>: movq $0x100,0xa8(%rsp) > 0x000055fa79abcea9 <+601>: lea -0x1008(%r15),%r8d > 0x000055fa79abceb0 <+608>: cmp $0x4f,%r8d > 0x000055fa79abceb4 <+612>: ja 0x55fa79abced0 <parse_wps_tag+640> > 0x000055fa79abceb6 <+614>: movslq 0x0(%rbp,%r8,4),%rax > 0x000055fa79abcebb <+619>: add %rbp,%rax > 0x000055fa79abcebe <+622>: jmpq *%rax > 0x000055fa79abcec0 <+624>: movzbl (%r14),%eax > 0x000055fa79abcec4 <+628>: mov (%rsp),%rsi > 0x000055fa79abcec8 <+632>: mov %al,0x2(%rsi) > 0x000055fa79abcecb <+635>: nopl 0x0(%rax,%rax,1) >=> 0x000055fa79abced0 <+640>: mov (%rbx),%r15d > 0x000055fa79abced3 <+643>: add $0x4,%rbx > 0x000055fa79abced7 <+647>: jmp 0x55fa79abce70 <parse_wps_tag+544> > 0x000055fa79abced9 <+649>: nopl 0x0(%rax) > 0x000055fa79abcee0 <+656>: mov 0xa8(%rsp),%esi > 0x000055fa79abcee7 <+663>: mov %r14,%rdi > 0x000055fa79abceea <+666>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abceef <+671>: mov 0x40(%rsp),%r8 > 0x000055fa79abcef4 <+676>: mov %rax,%r15 > 0x000055fa79abcef7 <+679>: nopw 0x0(%rax,%rax,1) > 0x000055fa79abcf00 <+688>: lea 0x8(%r8),%rdi > 0x000055fa79abcf04 <+692>: mov %r8,%rcx > 0x000055fa79abcf07 <+695>: xor %eax,%eax > 0x000055fa79abcf09 <+697>: movq $0x0,(%r8) > 0x000055fa79abcf10 <+704>: movq $0x0,0xf8(%r8) > 0x000055fa79abcf1b <+715>: and $0xfffffffffffffff8,%rdi > 0x000055fa79abcf1f <+719>: sub %rdi,%rcx > 0x000055fa79abcf22 <+722>: add $0x100,%ecx > 0x000055fa79abcf28 <+728>: shr $0x3,%ecx > 0x000055fa79abcf2b <+731>: test %r15,%r15 > 0x000055fa79abcf2e <+734>: rep stos %rax,%es:(%rdi) > 0x000055fa79abcf31 <+737>: je 0x55fa79abcfcc <parse_wps_tag+892> > 0x000055fa79abcf37 <+743>: mov %r8,%rdi > 0x000055fa79abcf3a <+746>: mov $0x100,%edx > 0x000055fa79abcf3f <+751>: mov %r15,%rsi > 0x000055fa79abcf42 <+754>: callq 0x55fa79ab5bf0 > 0x000055fa79abcf47 <+759>: mov %r15,%rdi > 0x000055fa79abcf4a <+762>: callq 0x55fa79ab5bb0 > 0x000055fa79abcf4f <+767>: mov %r14,%rdi > 0x000055fa79abcf52 <+770>: callq 0x55fa79ab5bb0 > 0x000055fa79abcf57 <+775>: jmpq 0x55fa79abced0 <parse_wps_tag+640> > 0x000055fa79abcf5c <+780>: nopl 0x0(%rax) > 0x000055fa79abcf60 <+784>: movzbl (%r14),%eax > 0x000055fa79abcf64 <+788>: mov (%rsp),%rsi > 0x000055fa79abcf68 <+792>: mov %al,(%rsi) > 0x000055fa79abcf6a <+794>: jmpq 0x55fa79abced0 <parse_wps_tag+640> > 0x000055fa79abcf6f <+799>: nop > 0x000055fa79abcf70 <+800>: mov 0xa8(%rsp),%esi > 0x000055fa79abcf77 <+807>: mov %r14,%rdi > 0x000055fa79abcf7a <+810>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abcf7f <+815>: mov 0x58(%rsp),%r8 > 0x000055fa79abcf84 <+820>: mov %rax,%r15 > 0x000055fa79abcf87 <+823>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abcf8c <+828>: nopl 0x0(%rax) > 0x000055fa79abcf90 <+832>: mov 0x80(%rsp),%rax > 0x000055fa79abcf98 <+840>: movq $0x0,(%rax) > 0x000055fa79abcf9f <+847>: mov 0x60(%rsp),%rsi > 0x000055fa79abcfa4 <+852>: mov %rax,%r8 > 0x000055fa79abcfa7 <+855>: movq $0x0,-0x10(%rsi) > 0x000055fa79abcfaf <+863>: mov 0x20(%rsp),%rdi > 0x000055fa79abcfb4 <+868>: and $0xfffffffffffffff8,%rdi > 0x000055fa79abcfb8 <+872>: sub %rdi,%rax > 0x000055fa79abcfbb <+875>: mov %rax,%rcx > 0x000055fa79abcfbe <+878>: xor %eax,%eax > 0x000055fa79abcfc0 <+880>: add $0x100,%ecx > 0x000055fa79abcfc6 <+886>: shr $0x3,%ecx > 0x000055fa79abcfc9 <+889>: rep stos %rax,%es:(%rdi) > 0x000055fa79abcfcc <+892>: mov 0xa8(%rsp),%rdx > 0x000055fa79abcfd4 <+900>: mov %r14,%rsi > 0x000055fa79abcfd7 <+903>: mov %r8,%rdi > 0x000055fa79abcfda <+906>: callq 0x55fa79ab5d88 > 0x000055fa79abcfdf <+911>: jmpq 0x55fa79abcf4f <parse_wps_tag+767> > 0x000055fa79abcfe4 <+916>: nopl 0x0(%rax) > 0x000055fa79abcfe8 <+920>: movzbl (%r14),%eax > 0x000055fa79abcfec <+924>: mov (%rsp),%rsi > 0x000055fa79abcff0 <+928>: mov %al,0x1(%rsi) > 0x000055fa79abcff3 <+931>: jmpq 0x55fa79abced0 <parse_wps_tag+640> > 0x000055fa79abcff8 <+936>: nopl 0x0(%rax,%rax,1) > 0x000055fa79abd000 <+944>: mov 0xa8(%rsp),%esi > 0x000055fa79abd007 <+951>: mov %r14,%rdi > 0x000055fa79abd00a <+954>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abd00f <+959>: mov 0x38(%rsp),%r8 > 0x000055fa79abd014 <+964>: mov %rax,%r15 > 0x000055fa79abd017 <+967>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abd01c <+972>: nopl 0x0(%rax) > 0x000055fa79abd020 <+976>: mov 0xa8(%rsp),%esi > 0x000055fa79abd027 <+983>: mov %r14,%rdi > 0x000055fa79abd02a <+986>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abd02f <+991>: mov 0x88(%rsp),%r8 > 0x000055fa79abd037 <+999>: mov %rax,%r15 > 0x000055fa79abd03a <+1002>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abd03f <+1007>: nop > 0x000055fa79abd040 <+1008>: mov 0xa8(%rsp),%esi > 0x000055fa79abd047 <+1015>: mov %r14,%rdi > 0x000055fa79abd04a <+1018>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abd04f <+1023>: mov 0x70(%rsp),%r8 > 0x000055fa79abd054 <+1028>: mov %rax,%r15 > 0x000055fa79abd057 <+1031>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abd05c <+1036>: nopl 0x0(%rax) > 0x000055fa79abd060 <+1040>: mov 0xa8(%rsp),%esi > 0x000055fa79abd067 <+1047>: mov %r14,%rdi > 0x000055fa79abd06a <+1050>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abd06f <+1055>: mov 0x68(%rsp),%r8 > 0x000055fa79abd074 <+1060>: mov %rax,%r15 > 0x000055fa79abd077 <+1063>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abd07c <+1068>: nopl 0x0(%rax) > 0x000055fa79abd080 <+1072>: mov 0xa8(%rsp),%esi > 0x000055fa79abd087 <+1079>: mov %r14,%rdi > 0x000055fa79abd08a <+1082>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abd08f <+1087>: mov 0x48(%rsp),%r8 > 0x000055fa79abd094 <+1092>: mov %rax,%r15 > 0x000055fa79abd097 <+1095>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abd09c <+1100>: nopl 0x0(%rax) > 0x000055fa79abd0a0 <+1104>: mov 0x50(%rsp),%rax > 0x000055fa79abd0a5 <+1109>: movq $0x0,(%rax) > 0x000055fa79abd0ac <+1116>: mov 0x8(%rsp),%rsi > 0x000055fa79abd0b1 <+1121>: mov %rax,%r8 > 0x000055fa79abd0b4 <+1124>: movq $0x0,-0x10(%rsi) > 0x000055fa79abd0bc <+1132>: mov 0x10(%rsp),%rdi > 0x000055fa79abd0c1 <+1137>: jmpq 0x55fa79abcfb4 <parse_wps_tag+868> > 0x000055fa79abd0c6 <+1142>: nopw %cs:0x0(%rax,%rax,1) > 0x000055fa79abd0d0 <+1152>: mov 0x78(%rsp),%rax > 0x000055fa79abd0d5 <+1157>: movq $0x0,(%rax) > 0x000055fa79abd0dc <+1164>: mov 0x10(%rsp),%rsi > 0x000055fa79abd0e1 <+1169>: mov %rax,%r8 > 0x000055fa79abd0e4 <+1172>: movq $0x0,-0x10(%rsi) > 0x000055fa79abd0ec <+1180>: mov 0x18(%rsp),%rdi > 0x000055fa79abd0f1 <+1185>: jmpq 0x55fa79abcfb4 <parse_wps_tag+868> > 0x000055fa79abd0f6 <+1190>: nopw %cs:0x0(%rax,%rax,1) > 0x000055fa79abd100 <+1200>: mov 0x98(%rsp),%rax > 0x000055fa79abd108 <+1208>: movq $0x0,(%rax) > 0x000055fa79abd10f <+1215>: mov 0x18(%rsp),%rsi > 0x000055fa79abd114 <+1220>: mov %rax,%r8 > 0x000055fa79abd117 <+1223>: movq $0x0,-0x10(%rsi) > 0x000055fa79abd11f <+1231>: mov 0x28(%rsp),%rdi > 0x000055fa79abd124 <+1236>: jmpq 0x55fa79abcfb4 <parse_wps_tag+868> > 0x000055fa79abd129 <+1241>: nopl 0x0(%rax) > 0x000055fa79abd130 <+1248>: mov 0xa8(%rsp),%esi > 0x000055fa79abd137 <+1255>: mov %r14,%rdi > 0x000055fa79abd13a <+1258>: callq 0x55fa79abcb80 <hex2str> > 0x000055fa79abd13f <+1263>: mov 0x90(%rsp),%r8 > 0x000055fa79abd147 <+1271>: mov %rax,%r15 > 0x000055fa79abd14a <+1274>: jmpq 0x55fa79abcf00 <parse_wps_tag+688> > 0x000055fa79abd14f <+1279>: nop > 0x000055fa79abd150 <+1280>: mov 0x30(%rsp),%rax > 0x000055fa79abd155 <+1285>: movq $0x0,(%rax) > 0x000055fa79abd15c <+1292>: mov 0x20(%rsp),%rsi > 0x000055fa79abd161 <+1297>: mov %rax,%r8 > 0x000055fa79abd164 <+1300>: movq $0x0,-0x10(%rsi) > 0x000055fa79abd16c <+1308>: mov 0x8(%rsp),%rdi > 0x000055fa79abd171 <+1313>: jmpq 0x55fa79abcfb4 <parse_wps_tag+868> > 0x000055fa79abd176 <+1318>: xor %eax,%eax > 0x000055fa79abd178 <+1320>: mov 0xf8(%rsp),%rbx > 0x000055fa79abd180 <+1328>: xor %fs:0x28,%rbx > 0x000055fa79abd189 <+1337>: jne 0x55fa79abd19d <parse_wps_tag+1357> > 0x000055fa79abd18b <+1339>: add $0x108,%rsp > 0x000055fa79abd192 <+1346>: pop %rbx > 0x000055fa79abd193 <+1347>: pop %rbp > 0x000055fa79abd194 <+1348>: pop %r12 > 0x000055fa79abd196 <+1350>: pop %r13 > 0x000055fa79abd198 <+1352>: pop %r14 > 0x000055fa79abd19a <+1354>: pop %r15 > 0x000055fa79abd19c <+1356>: retq > 0x000055fa79abd19d <+1357>: callq 0x55fa79ab5c80 >End of assembler dump. >== EXPLOITABLE ==
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1351411">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1512397
: 1351411 |
1351412
|
1351413
|
1351415
|
1351416
|
1351417
|
1351418
|
1351419
|
1351420
|
1351421
|
1351422
|
1351423