Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 1435074 Details for
Bug 1577329
[abrt] reaver: parse_wps_tag(): reaver killed by SIGSEGV
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh92 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
File: backtrace
backtrace (text/plain), 17.55 KB, created by
admin
on 2018-05-11 18:01:00 UTC
(
hide
)
Description:
File: backtrace
Filename:
MIME Type:
Creator:
admin
Created:
2018-05-11 18:01:00 UTC
Size:
17.55 KB
patch
obsolete
>[New LWP 9666] >[Thread debugging using libthread_db enabled] >Using host libthread_db library "/lib64/libthread_db.so.1". >Core was generated by `reaver -i wlp2s0mon -b 70:4f:57:6d:62:52 -a'. >Program terminated with signal SIGSEGV, Segmentation fault. >#0 parse_wps_tag (tags=<optimized out>, len=<optimized out>, wps=wps@entry=0x7fffb06f99c0) at libwps.c:107 > >Thread 1 (Thread 0x7fecf7c3e740 (LWP 9666)): >#0 parse_wps_tag (tags=<optimized out>, len=<optimized out>, wps=wps@entry=0x7fffb06f99c0) at libwps.c:107 > wps_ie_data = 0x5579a69236b0 "\020J" > el = 0x0 > ptr = 0x0 > src = 0x0 > i = <optimized out> > wps_data_len = 45 > el_len = 1 > elements = {VERSION, STATE, LOCKED, MANUFACTURER, MODEL_NAME, MODEL_NUMBER, DEVICE_NAME, SSID, UUID, SERIAL, SELECTED_REGISTRAR, RESPONSE_TYPE, PRIMARY_DEVICE_TYPE, CONFIG_METHODS, RF_BANDS, OS_VERSION} >#1 0x00005579a49c8cde in parse_wps_parameters (packet=packet@entry=0x5579a69924a0 "", len=<optimized out>, wps=wps@entry=0x7fffb06f99c0) at libwps.c:47 > data = <optimized out> > data_len = <optimized out> > offset = <optimized out> > rt_header = <optimized out> >#2 0x00005579a49c23b3 in is_wps_locked () at 80211.c:205 > wps = {version = 16 '\020', state = 2 '\002', locked = 2 '\002', manufacturer = '\000' <repeats 255 times>, model_name = '\000' <repeats 255 times>, model_number = '\000' <repeats 255 times>, device_name = '\000' <repeats 255 times>, ssid = '\000' <repeats 255 times>, uuid = "38833092309218839C77704F576D62C4", '\000' <repeats 223 times>, serial = '\000' <repeats 255 times>, selected_registrar = '\000' <repeats 255 times>, response_type = '\000' <repeats 255 times>, primary_device_type = '\000' <repeats 255 times>, config_methods = '\000' <repeats 255 times>, rf_bands = "01", '\000' <repeats 253 times>, os_version = '\000' <repeats 255 times>} > header = {ts = {tv_sec = 1525975770, tv_usec = 347696}, caplen = 301, len = 301} > packet = 0x5579a69924a0 "" > rt_header = <optimized out> > frame_header = <optimized out> >#3 0x00005579a49c4357 in crack () at cracker.c:130 > bssid = 0x5579a697bfc0 "70:4F:57:6D:62:52" > pin = 0x0 > fail_count = <optimized out> > loop_count = 0 > sleep_count = 0 > assoc_fail_count = <optimized out> > pin_count = <optimized out> > start_time = 1525975769 > result = <optimized out> >#4 0x00005579a49c1476 in main (argc=6, argv=<optimized out>) at wpscrack.c:103 > ret_val = 1 > r = 0 > start_time = 1525975767 > end_time = 0 > wps = 0x0 >From To Syms Read Shared Object Library >0x00007fecf7835f90 0x00007fecf7839a4a Yes /lib64/libiw.so.29 >0x00007fecf7630ee0 0x00007fecf7631bae Yes /lib64/libdl.so.2 >0x00007fecf72a79f0 0x00007fecf7359f5a Yes /lib64/libm.so.6 >0x00007fecf705e880 0x00007fecf708033e Yes /lib64/libpcap.so.1 >0x00007fecf6d645d0 0x00007fecf6e283d0 No /lib64/libsqlite3.so.0 >0x00007fecf69b9370 0x00007fecf6b0051f Yes /lib64/libc.so.6 >0x00007fecf7a3df60 0x00007fecf7a5a980 Yes /lib64/ld-linux-x86-64.so.2 >0x00007fecf6783420 0x00007fecf67905f7 Yes (*) /lib64/libz.so.1 >0x00007fecf6567b90 0x00007fecf65757f1 Yes /lib64/libpthread.so.0 >(*): Shared library is missing debugging information. >$1 = 0x0 >rax 0x0 0 >rbx 0x7fffb06fd000 140736153505792 >rcx 0x0 0 >rdx 0x0 0 >rsi 0x2d 45 >rdi 0x5579a69236b0 93980974003888 >rbp 0x5579a49eac80 0x5579a49eac80 >rsp 0x7fffb06f9860 0x7fffb06f9860 >r8 0x1049 4169 >r9 0x2d 45 >r10 0x29 41 >r11 0x7fecf6b141f0 140655727821296 >r12 0x5579a69236b0 93980974003888 >r13 0x7fffb06f9908 140736153491720 >r14 0x0 0 >r15 0x0 0 >rip 0x5579a49c8978 0x5579a49c8978 <parse_wps_tag+616> >eflags 0x10246 [ PF ZF IF RF ] >cs 0x33 51 >ss 0x2b 43 >ds 0x0 0 >es 0x0 0 >fs 0x0 0 >gs 0x0 0 >Dump of assembler code for function parse_wps_tag: > 0x00005579a49c8710 <+0>: endbr64 > 0x00005579a49c8714 <+4>: push %r15 > 0x00005579a49c8716 <+6>: push %r14 > 0x00005579a49c8718 <+8>: push %r13 > 0x00005579a49c871a <+10>: push %r12 > 0x00005579a49c871c <+12>: push %rbp > 0x00005579a49c871d <+13>: push %rbx > 0x00005579a49c871e <+14>: mov %rdx,%rbx > 0x00005579a49c8721 <+17>: sub $0x108,%rsp > 0x00005579a49c8728 <+24>: mov %rdx,(%rsp) > 0x00005579a49c872c <+28>: lea 0xa0(%rsp),%rdx > 0x00005579a49c8734 <+36>: mov %fs:0x28,%rax > 0x00005579a49c873d <+45>: mov %rax,0xf8(%rsp) > 0x00005579a49c8745 <+53>: xor %eax,%eax > 0x00005579a49c8747 <+55>: movabs $0x10440000104a,%rax > 0x00005579a49c8751 <+65>: movq $0x0,0xa0(%rsp) > 0x00005579a49c875d <+77>: mov %rax,0xb0(%rsp) > 0x00005579a49c8765 <+85>: movabs $0x102100001057,%rax > 0x00005579a49c876f <+95>: mov %rax,0xb8(%rsp) > 0x00005579a49c8777 <+103>: movabs $0x102400001023,%rax > 0x00005579a49c8781 <+113>: mov %rax,0xc0(%rsp) > 0x00005579a49c8789 <+121>: movabs $0x104500001011,%rax > 0x00005579a49c8793 <+131>: mov %rax,0xc8(%rsp) > 0x00005579a49c879b <+139>: movabs $0x104200001047,%rax > 0x00005579a49c87a5 <+149>: mov %rax,0xd0(%rsp) > 0x00005579a49c87ad <+157>: movabs $0x103b00001041,%rax > 0x00005579a49c87b7 <+167>: mov %rax,0xd8(%rsp) > 0x00005579a49c87bf <+175>: movabs $0x100800001054,%rax > 0x00005579a49c87c9 <+185>: mov %rax,0xe0(%rsp) > 0x00005579a49c87d1 <+193>: movabs $0x102d0000103c,%rax > 0x00005579a49c87db <+203>: movq $0x0,0xa8(%rsp) > 0x00005579a49c87e7 <+215>: mov %rax,0xe8(%rsp) > 0x00005579a49c87ef <+223>: callq 0x5579a49c8430 <get_wps_data> > 0x00005579a49c87f4 <+228>: movb $0x2,0x2(%rbx) > 0x00005579a49c87f8 <+232>: mov %rax,%r12 > 0x00005579a49c87fb <+235>: test %rax,%rax > 0x00005579a49c87fe <+238>: je 0x5579a49c8c26 <parse_wps_tag+1302> > 0x00005579a49c8804 <+244>: mov %rbx,%rax > 0x00005579a49c8807 <+247>: mov $0x104a,%r15d > 0x00005579a49c880d <+253>: lea 0xb4(%rsp),%rbx > 0x00005579a49c8815 <+261>: lea 0x3(%rax),%rsi > 0x00005579a49c8819 <+265>: lea 0x22460(%rip),%rbp # 0x5579a49eac80 > 0x00005579a49c8820 <+272>: mov %rsi,0x28(%rsp) > 0x00005579a49c8825 <+277>: lea 0x10b(%rax),%rsi > 0x00005579a49c882c <+284>: lea 0xa8(%rsp),%r13 > 0x00005579a49c8834 <+292>: mov %rsi,0x8(%rsp) > 0x00005579a49c8839 <+297>: lea 0xb(%rax),%rsi > 0x00005579a49c883d <+301>: mov %rsi,0x38(%rsp) > 0x00005579a49c8842 <+306>: lea 0x103(%rax),%rsi > 0x00005579a49c8849 <+313>: mov %rsi,0x90(%rsp) > 0x00005579a49c8851 <+321>: lea 0x20b(%rax),%rsi > 0x00005579a49c8858 <+328>: mov %rsi,0x20(%rsp) > 0x00005579a49c885d <+333>: lea 0x203(%rax),%rsi > 0x00005579a49c8864 <+340>: mov %rsi,0x80(%rsp) > 0x00005579a49c886c <+348>: lea 0x30b(%rax),%rsi > 0x00005579a49c8873 <+355>: mov %rsi,0x18(%rsp) > 0x00005579a49c8878 <+360>: lea 0x303(%rax),%rsi > 0x00005579a49c887f <+367>: mov %rsi,0x70(%rsp) > 0x00005579a49c8884 <+372>: lea 0x40b(%rax),%rsi > 0x00005579a49c888b <+379>: mov %rsi,0x10(%rsp) > 0x00005579a49c8890 <+384>: lea 0x403(%rax),%rsi > 0x00005579a49c8897 <+391>: mov %rsi,0x60(%rsp) > 0x00005579a49c889c <+396>: lea 0x50b(%rax),%rsi > 0x00005579a49c88a3 <+403>: mov %rsi,0x58(%rsp) > 0x00005579a49c88a8 <+408>: lea 0x503(%rax),%rsi > 0x00005579a49c88af <+415>: mov %rsi,0x50(%rsp) > 0x00005579a49c88b4 <+420>: lea 0x603(%rax),%rsi > 0x00005579a49c88bb <+427>: mov %rsi,0x48(%rsp) > 0x00005579a49c88c0 <+432>: lea 0x703(%rax),%rsi > 0x00005579a49c88c7 <+439>: mov %rsi,0x40(%rsp) > 0x00005579a49c88cc <+444>: lea 0x803(%rax),%rsi > 0x00005579a49c88d3 <+451>: mov %rsi,0x30(%rsp) > 0x00005579a49c88d8 <+456>: lea 0x903(%rax),%rsi > 0x00005579a49c88df <+463>: mov %rsi,0x98(%rsp) > 0x00005579a49c88e7 <+471>: lea 0xa03(%rax),%rsi > 0x00005579a49c88ee <+478>: mov %rsi,0x88(%rsp) > 0x00005579a49c88f6 <+486>: lea 0xb03(%rax),%rsi > 0x00005579a49c88fd <+493>: add $0xc03,%rax > 0x00005579a49c8903 <+499>: mov %rsi,0x78(%rsp) > 0x00005579a49c8908 <+504>: mov %rax,0x68(%rsp) > 0x00005579a49c890d <+509>: nopl (%rax) > 0x00005579a49c8910 <+512>: mov 0xa0(%rsp),%rsi > 0x00005579a49c8918 <+520>: movzwl %r15w,%edx > 0x00005579a49c891c <+524>: mov %r13,%rcx > 0x00005579a49c891f <+527>: mov %r12,%rdi > 0x00005579a49c8922 <+530>: callq 0x5579a49c8520 <get_wps_data_element> > 0x00005579a49c8927 <+535>: mov %rax,%r14 > 0x00005579a49c892a <+538>: test %rax,%rax > 0x00005579a49c892d <+541>: je 0x5579a49c8978 <parse_wps_tag+616> > 0x00005579a49c892f <+543>: cmpq $0x100,0xa8(%rsp) > 0x00005579a49c893b <+555>: jbe 0x5579a49c8949 <parse_wps_tag+569> > 0x00005579a49c893d <+557>: movq $0x100,0xa8(%rsp) > 0x00005579a49c8949 <+569>: lea -0x1008(%r15),%r8d > 0x00005579a49c8950 <+576>: cmp $0x4f,%r8d > 0x00005579a49c8954 <+580>: ja 0x5579a49c8978 <parse_wps_tag+616> > 0x00005579a49c8956 <+582>: movslq 0x0(%rbp,%r8,4),%rax > 0x00005579a49c895b <+587>: add %rbp,%rax > 0x00005579a49c895e <+590>: notrack jmpq *%rax > 0x00005579a49c8961 <+593>: nopl 0x0(%rax) > 0x00005579a49c8968 <+600>: movzbl (%r14),%eax > 0x00005579a49c896c <+604>: mov (%rsp),%rsi > 0x00005579a49c8970 <+608>: mov %al,0x2(%rsi) > 0x00005579a49c8973 <+611>: nopl 0x0(%rax,%rax,1) >=> 0x00005579a49c8978 <+616>: mov (%rbx),%r15d > 0x00005579a49c897b <+619>: add $0x4,%rbx > 0x00005579a49c897f <+623>: jmp 0x5579a49c8910 <parse_wps_tag+512> > 0x00005579a49c8981 <+625>: nopl 0x0(%rax) > 0x00005579a49c8988 <+632>: mov 0xa8(%rsp),%esi > 0x00005579a49c898f <+639>: mov %r14,%rdi > 0x00005579a49c8992 <+642>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8997 <+647>: mov 0x98(%rsp),%r8 > 0x00005579a49c899f <+655>: mov %rax,%r15 > 0x00005579a49c89a2 <+658>: nopw 0x0(%rax,%rax,1) > 0x00005579a49c89a8 <+664>: lea 0x8(%r8),%rdi > 0x00005579a49c89ac <+668>: mov %r8,%rcx > 0x00005579a49c89af <+671>: xor %eax,%eax > 0x00005579a49c89b1 <+673>: movq $0x0,(%r8) > 0x00005579a49c89b8 <+680>: movq $0x0,0xf8(%r8) > 0x00005579a49c89c3 <+691>: and $0xfffffffffffffff8,%rdi > 0x00005579a49c89c7 <+695>: sub %rdi,%rcx > 0x00005579a49c89ca <+698>: add $0x100,%ecx > 0x00005579a49c89d0 <+704>: shr $0x3,%ecx > 0x00005579a49c89d3 <+707>: rep stos %rax,%es:(%rdi) > 0x00005579a49c89d6 <+710>: test %r15,%r15 > 0x00005579a49c89d9 <+713>: je 0x5579a49c8a79 <parse_wps_tag+873> > 0x00005579a49c89df <+719>: mov %r8,%rdi > 0x00005579a49c89e2 <+722>: mov $0x100,%edx > 0x00005579a49c89e7 <+727>: mov %r15,%rsi > 0x00005579a49c89ea <+730>: callq 0x5579a49c0d20 <strncpy@plt> > 0x00005579a49c89ef <+735>: mov %r15,%rdi > 0x00005579a49c89f2 <+738>: callq 0x5579a49c0ca0 <free@plt> > 0x00005579a49c89f7 <+743>: mov %r14,%rdi > 0x00005579a49c89fa <+746>: callq 0x5579a49c0ca0 <free@plt> > 0x00005579a49c89ff <+751>: jmpq 0x5579a49c8978 <parse_wps_tag+616> > 0x00005579a49c8a04 <+756>: nopl 0x0(%rax) > 0x00005579a49c8a08 <+760>: movzbl (%r14),%eax > 0x00005579a49c8a0c <+764>: mov (%rsp),%rsi > 0x00005579a49c8a10 <+768>: mov %al,(%rsi) > 0x00005579a49c8a12 <+770>: jmpq 0x5579a49c8978 <parse_wps_tag+616> > 0x00005579a49c8a17 <+775>: nopw 0x0(%rax,%rax,1) > 0x00005579a49c8a20 <+784>: mov 0xa8(%rsp),%esi > 0x00005579a49c8a27 <+791>: mov %r14,%rdi > 0x00005579a49c8a2a <+794>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8a2f <+799>: mov 0x50(%rsp),%r8 > 0x00005579a49c8a34 <+804>: mov %rax,%r15 > 0x00005579a49c8a37 <+807>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8a3c <+812>: nopl 0x0(%rax) > 0x00005579a49c8a40 <+816>: mov 0x60(%rsp),%rax > 0x00005579a49c8a45 <+821>: movq $0x0,(%rax) > 0x00005579a49c8a4c <+828>: mov 0x58(%rsp),%rsi > 0x00005579a49c8a51 <+833>: mov %rax,%r8 > 0x00005579a49c8a54 <+836>: movq $0x0,-0x10(%rsi) > 0x00005579a49c8a5c <+844>: mov 0x10(%rsp),%rdi > 0x00005579a49c8a61 <+849>: and $0xfffffffffffffff8,%rdi > 0x00005579a49c8a65 <+853>: sub %rdi,%rax > 0x00005579a49c8a68 <+856>: mov %rax,%rcx > 0x00005579a49c8a6b <+859>: xor %eax,%eax > 0x00005579a49c8a6d <+861>: add $0x100,%ecx > 0x00005579a49c8a73 <+867>: shr $0x3,%ecx > 0x00005579a49c8a76 <+870>: rep stos %rax,%es:(%rdi) > 0x00005579a49c8a79 <+873>: mov 0xa8(%rsp),%rdx > 0x00005579a49c8a81 <+881>: mov %r14,%rsi > 0x00005579a49c8a84 <+884>: mov %r8,%rdi > 0x00005579a49c8a87 <+887>: callq 0x5579a49c1040 <memcpy@plt> > 0x00005579a49c8a8c <+892>: jmpq 0x5579a49c89f7 <parse_wps_tag+743> > 0x00005579a49c8a91 <+897>: nopl 0x0(%rax) > 0x00005579a49c8a98 <+904>: movzbl (%r14),%eax > 0x00005579a49c8a9c <+908>: mov (%rsp),%rsi > 0x00005579a49c8aa0 <+912>: mov %al,0x1(%rsi) > 0x00005579a49c8aa3 <+915>: jmpq 0x5579a49c8978 <parse_wps_tag+616> > 0x00005579a49c8aa8 <+920>: nopl 0x0(%rax,%rax,1) > 0x00005579a49c8ab0 <+928>: mov 0xa8(%rsp),%esi > 0x00005579a49c8ab7 <+935>: mov %r14,%rdi > 0x00005579a49c8aba <+938>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8abf <+943>: mov 0x48(%rsp),%r8 > 0x00005579a49c8ac4 <+948>: mov %rax,%r15 > 0x00005579a49c8ac7 <+951>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8acc <+956>: nopl 0x0(%rax) > 0x00005579a49c8ad0 <+960>: mov 0xa8(%rsp),%esi > 0x00005579a49c8ad7 <+967>: mov %r14,%rdi > 0x00005579a49c8ada <+970>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8adf <+975>: mov 0x40(%rsp),%r8 > 0x00005579a49c8ae4 <+980>: mov %rax,%r15 > 0x00005579a49c8ae7 <+983>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8aec <+988>: nopl 0x0(%rax) > 0x00005579a49c8af0 <+992>: mov 0xa8(%rsp),%esi > 0x00005579a49c8af7 <+999>: mov %r14,%rdi > 0x00005579a49c8afa <+1002>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8aff <+1007>: mov 0x78(%rsp),%r8 > 0x00005579a49c8b04 <+1012>: mov %rax,%r15 > 0x00005579a49c8b07 <+1015>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8b0c <+1020>: nopl 0x0(%rax) > 0x00005579a49c8b10 <+1024>: mov 0xa8(%rsp),%esi > 0x00005579a49c8b17 <+1031>: mov %r14,%rdi > 0x00005579a49c8b1a <+1034>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8b1f <+1039>: mov 0x30(%rsp),%r8 > 0x00005579a49c8b24 <+1044>: mov %rax,%r15 > 0x00005579a49c8b27 <+1047>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8b2c <+1052>: nopl 0x0(%rax) > 0x00005579a49c8b30 <+1056>: mov 0xa8(%rsp),%esi > 0x00005579a49c8b37 <+1063>: mov %r14,%rdi > 0x00005579a49c8b3a <+1066>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8b3f <+1071>: mov 0x68(%rsp),%r8 > 0x00005579a49c8b44 <+1076>: mov %rax,%r15 > 0x00005579a49c8b47 <+1079>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8b4c <+1084>: nopl 0x0(%rax) > 0x00005579a49c8b50 <+1088>: mov 0x80(%rsp),%rax > 0x00005579a49c8b58 <+1096>: movq $0x0,(%rax) > 0x00005579a49c8b5f <+1103>: mov 0x18(%rsp),%rsi > 0x00005579a49c8b64 <+1108>: mov %rax,%r8 > 0x00005579a49c8b67 <+1111>: movq $0x0,-0x10(%rsi) > 0x00005579a49c8b6f <+1119>: mov 0x20(%rsp),%rdi > 0x00005579a49c8b74 <+1124>: jmpq 0x5579a49c8a61 <parse_wps_tag+849> > 0x00005579a49c8b79 <+1129>: nopl 0x0(%rax) > 0x00005579a49c8b80 <+1136>: mov 0x90(%rsp),%rax > 0x00005579a49c8b88 <+1144>: movq $0x0,(%rax) > 0x00005579a49c8b8f <+1151>: mov 0x20(%rsp),%rsi > 0x00005579a49c8b94 <+1156>: mov %rax,%r8 > 0x00005579a49c8b97 <+1159>: movq $0x0,-0x10(%rsi) > 0x00005579a49c8b9f <+1167>: mov 0x8(%rsp),%rdi > 0x00005579a49c8ba4 <+1172>: jmpq 0x5579a49c8a61 <parse_wps_tag+849> > 0x00005579a49c8ba9 <+1177>: nopl 0x0(%rax) > 0x00005579a49c8bb0 <+1184>: mov 0x28(%rsp),%rax > 0x00005579a49c8bb5 <+1189>: movq $0x0,(%rax) > 0x00005579a49c8bbc <+1196>: mov 0x8(%rsp),%rsi > 0x00005579a49c8bc1 <+1201>: mov %rax,%r8 > 0x00005579a49c8bc4 <+1204>: movq $0x0,-0x10(%rsi) > 0x00005579a49c8bcc <+1212>: mov 0x38(%rsp),%rdi > 0x00005579a49c8bd1 <+1217>: jmpq 0x5579a49c8a61 <parse_wps_tag+849> > 0x00005579a49c8bd6 <+1222>: nopw %cs:0x0(%rax,%rax,1) > 0x00005579a49c8be0 <+1232>: mov 0xa8(%rsp),%esi > 0x00005579a49c8be7 <+1239>: mov %r14,%rdi > 0x00005579a49c8bea <+1242>: callq 0x5579a49c8640 <hex2str> > 0x00005579a49c8bef <+1247>: mov 0x88(%rsp),%r8 > 0x00005579a49c8bf7 <+1255>: mov %rax,%r15 > 0x00005579a49c8bfa <+1258>: jmpq 0x5579a49c89a8 <parse_wps_tag+664> > 0x00005579a49c8bff <+1263>: nop > 0x00005579a49c8c00 <+1264>: mov 0x70(%rsp),%rax > 0x00005579a49c8c05 <+1269>: movq $0x0,(%rax) > 0x00005579a49c8c0c <+1276>: mov 0x10(%rsp),%rsi > 0x00005579a49c8c11 <+1281>: mov %rax,%r8 > 0x00005579a49c8c14 <+1284>: movq $0x0,-0x10(%rsi) > 0x00005579a49c8c1c <+1292>: mov 0x18(%rsp),%rdi > 0x00005579a49c8c21 <+1297>: jmpq 0x5579a49c8a61 <parse_wps_tag+849> > 0x00005579a49c8c26 <+1302>: xor %eax,%eax > 0x00005579a49c8c28 <+1304>: mov 0xf8(%rsp),%rbx > 0x00005579a49c8c30 <+1312>: xor %fs:0x28,%rbx > 0x00005579a49c8c39 <+1321>: jne 0x5579a49c8c4d <parse_wps_tag+1341> > 0x00005579a49c8c3b <+1323>: add $0x108,%rsp > 0x00005579a49c8c42 <+1330>: pop %rbx > 0x00005579a49c8c43 <+1331>: pop %rbp > 0x00005579a49c8c44 <+1332>: pop %r12 > 0x00005579a49c8c46 <+1334>: pop %r13 > 0x00005579a49c8c48 <+1336>: pop %r14 > 0x00005579a49c8c4a <+1338>: pop %r15 > 0x00005579a49c8c4c <+1340>: retq > 0x00005579a49c8c4d <+1341>: callq 0x5579a49c0e40 <__stack_chk_fail@plt> >End of assembler dump. >== EXPLOITABLE ==
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1435074">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1577329
: 1435074 |
1435075
|
1435076
|
1435077
|
1435078
|
1435079
|
1435080
|
1435081
|
1435082
|
1435083
|
1435084
|
1435085