GNU bug report logs - #34142
AddressSanitizer reported heap-buffer-overflow

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: sed; Reported by: Hongxu Chen <leftcopy.chx@HIDDEN>; dated Sun, 20 Jan 2019 06:11:02 UTC; Maintainer for sed is bug-sed@HIDDEN.

Message received at 34142 <at> debbugs.gnu.org:


Received: (at 34142) by debbugs.gnu.org; 20 Jan 2019 09:15:18 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jan 20 04:15:18 2019
Received: from localhost ([127.0.0.1]:38302 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gl9CI-0005Hb-9c
	for submit <at> debbugs.gnu.org; Sun, 20 Jan 2019 04:15:18 -0500
Received: from mail-pg1-f180.google.com ([209.85.215.180]:43255)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <assafgordon@HIDDEN>) id 1gl9CG-0005HL-Nv
 for 34142 <at> debbugs.gnu.org; Sun, 20 Jan 2019 04:15:17 -0500
Received: by mail-pg1-f180.google.com with SMTP id v28so8085695pgk.10
 for <34142 <at> debbugs.gnu.org>; Sun, 20 Jan 2019 01:15:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:subject:to:references:message-id:date:user-agent:mime-version
 :in-reply-to:content-language:content-transfer-encoding;
 bh=q/Lp0AsiataOEfiZRL7IasK0bOqKKMb/vmJNoxCVkVU=;
 b=GuZQR7dHt22zaN/XxyElvEEtVROzkR7ilAQhtM8zJ5BuLbAjgi688KlpoOmo1Kllc6
 Tz8Utl8kyxJykuXjz6eh97Xp/kd5SP4VCmAa/tK1DlWuhfxCJemM6ZNJEDWn9GUUbHzG
 6MgK/gciuTyYkUQh+lSVf21zhLEBfXcCddZRG8qk/jK+86vjNNA63qnb2F2gdwrG/bwm
 wrlt31rGDXBOfPoYEYyi8eTyNcyIiobwcy4cRoa/wO4g13XQOqCyXIz5PeZeDYr2JqIe
 sgYLgL4Drnpb1BDfQ2lL00Dwi1oYde7QxGCGa7MQD+15PS1aekyqBVgZhljNZlW10VYh
 jT1A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:subject:to:references:message-id:date
 :user-agent:mime-version:in-reply-to:content-language
 :content-transfer-encoding;
 bh=q/Lp0AsiataOEfiZRL7IasK0bOqKKMb/vmJNoxCVkVU=;
 b=f+/vnK5/Riqlu62PMz9tYaXuDmkrcrkoar2Pgk0o/iNuN+RRfr3qgFCIX95SaXBBdd
 jCh1oQefvYVvYtTgepIlzMrP3HVKSZiWI/NmJbxWinFR1UCNHtqlCQybM/YL9rHNF1pC
 OHbKjfS4bxqZgGG5KJ7bXzlwwvi9ssRPBllrMvbgPqb+IJ5bMOr3imUYyDtmio7IyRys
 hC6iL5xwexZpFKq/648ZgDMc4ry9cW3oS5CWOYAY43agqeEzN8nhEY4QkOg3AkAMVi2K
 hP4w54PtjipOJpy1uLSmepZzVdDxd+batHFkh6AXvILCzGHU69NqrU+naZxh/D1lALlP
 O4sg==
X-Gm-Message-State: AJcUukc8hSXlTeXHljFYaNvfeZRNUmtZAuMtSqWqjBw30F3tsyT+tuoF
 s5ue9ItFZ+FVYG86rJsbj7Y=
X-Google-Smtp-Source: ALg8bN4+kAfA17Zi0AlY2onzw8h49Zugfa/YJCbKUr2NpGVL6BjB3GJBN9QoFCbVFSXj0hYugylloA==
X-Received: by 2002:aa7:83c6:: with SMTP id j6mr8022346pfn.91.1547975710898;
 Sun, 20 Jan 2019 01:15:10 -0800 (PST)
Received: from tomato.housegordon.com (moose.housegordon.com. [184.68.105.38])
 by smtp.googlemail.com with ESMTPSA id
 t185sm13434103pgd.90.2019.01.20.01.15.09
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 20 Jan 2019 01:15:09 -0800 (PST)
From: Assaf Gordon <assafgordon@HIDDEN>
Subject: Re: bug#34142: AddressSanitizer reported heap-buffer-overflow
To: Hongxu Chen <leftcopy.chx@HIDDEN>, 34142 <at> debbugs.gnu.org,
 "bug-gnulib@HIDDEN List" <bug-gnulib@HIDDEN>
References: <CAJPBKOHEQt0GJ2nF0fTZL9Ld4=sGZiUvrejieSgD9taxGT62ww@HIDDEN>
Message-ID: <33466703-d85e-400d-3f19-f2ece6d9c32a@HIDDEN>
Date: Sun, 20 Jan 2019 02:15:08 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <CAJPBKOHEQt0GJ2nF0fTZL9Ld4=sGZiUvrejieSgD9taxGT62ww@HIDDEN>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34142
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

(forwarding to gnulib)

Hello,

Hongxu Chen reported a heap-buffer-overflow in gnulib's regexec code.

It can be reproduced with current sed using:

      git clone git://git.sv.gnu.org/sed.git
      cd sed
      ./bootstrap && ./configure
      make build-asan

      echo 00000000000000000000000000 | ./sed/sed -E -e 's/(.*)*\1//'

The above 'sed' invocation is a simplified variation of Hongxu's report.

Details below:

On 2019-01-19 11:09 p.m., Hongxu Chen wrote:
> 
>     =================================================================
> ==13920==ERROR: AddressSanitizer: heap-buffer-overflow on address
> 0x606000000233 at pc 0x0000004b4136 bp 0x7ffc475e3930 sp 0x7ffc475e30e0
> READ of size 26 at 0x606000000233 thread T0
>      #0 0x4b4135 in __interceptor_memcmp.part.283
> (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135)
>      #1 0x5b274c in proceed_next_node
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:1296:9
>      #2 0x597a4c in set_regs /home/hongxu/FOT/sed-O0/./lib/regexec.c:1453:18
>      #3 0x569a4f in re_search_internal
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:864:10
>      #4 0x56acd7 in re_search_stub
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:425:12
>      #5 0x56b061 in rpl_re_search
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:289:10
>      #6 0x52f572 in match_regex /home/hongxu/FOT/sed-O0/sed/regexp.c:358:11
>      #7 0x5292d1 in do_subst /home/hongxu/FOT/sed-O0/sed/execute.c:1015:8
>      #8 0x5233a2 in execute_program
> /home/hongxu/FOT/sed-O0/sed/execute.c:1543:15
>      #9 0x520cba in process_files
> /home/hongxu/FOT/sed-O0/sed/execute.c:1680:16
>      #10 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17
>      #11 0x7f1dc2297b96 in __libc_start_main
> /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
>      #12 0x41b219 in _start
> (/home/hongxu/FOT/sed-O0/install/bin/sed+0x41b219)
> 
> 0x606000000233 is located 0 bytes to the right of 51-byte region
> [0x606000000200,0x606000000233)
> allocated by thread T0 here:
>      #0 0x4db0d0 in malloc (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4db0d0)
>      #1 0x5624f4 in xmalloc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:41:13
>      #2 0x5627c4 in xzalloc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:86:18
>      #3 0x520e16 in line_init /home/hongxu/FOT/sed-O0/sed/execute.c:281:15
>      #4 0x5209ad in process_files
> /home/hongxu/FOT/sed-O0/sed/execute.c:1654:3
>      #5 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17
>      #6 0x7f1dc2297b96 in __libc_start_main
> /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
> 
> SUMMARY: AddressSanitizer: heap-buffer-overflow
> (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135) in
> __interceptor_memcmp.part.283
> Shadow bytes around the buggy address:
>    0x0c0c7fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>    0x0c0c7fff8000: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
>    0x0c0c7fff8010: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
>    0x0c0c7fff8020: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fa
>    0x0c0c7fff8030: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
> =>0x0c0c7fff8040: 00 00 00 00 00 00[03]fa fa fa fa fa 00 00 00 00
>    0x0c0c7fff8050: 00 00 03 fa fa fa fa fa 00 00 00 00 00 00 00 00
>    0x0c0c7fff8060: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
>    0x0c0c7fff8070: 00 00 00 00 00 00 00 fa fa fa fa fa 00 00 00 00
>    0x0c0c7fff8080: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd fd
>    0x0c0c7fff8090: fa fa fa fa 00 00 00 00 00 00 00 00 fa fa fa fa
> Shadow byte legend (one shadow byte represents 8 application bytes):
>    Addressable:           00
>    Partially addressable: 01 02 03 04 05 06 07
>    Heap left redzone:       fa
>    Freed heap region:       fd
>    Stack left redzone:      f1
>    Stack mid redzone:       f2
>    Stack right redzone:     f3
>    Stack after return:      f5
>    Stack use after scope:   f8
>    Global redzone:          f9
>    Global init order:       f6
>    Poisoned by user:        f7
>    Container overflow:      fc
>    Array cookie:            ac
>    Intra object redzone:    bb
>    ASan internal:           fe
>    Left alloca redzone:     ca
>    Right alloca redzone:    cb
> ==13920==ABORTING





Information forwarded to bug-sed@HIDDEN:
bug#34142; Package sed. Full text available.

Message received at 34142 <at> debbugs.gnu.org:


Received: (at 34142) by debbugs.gnu.org; 20 Jan 2019 09:14:23 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jan 20 04:14:23 2019
Received: from localhost ([127.0.0.1]:38293 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gl9BO-0005FF-KT
	for submit <at> debbugs.gnu.org; Sun, 20 Jan 2019 04:14:22 -0500
Received: from mail-pf1-f175.google.com ([209.85.210.175]:42161)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <assafgordon@HIDDEN>) id 1gl9BL-0005El-BA
 for 34142 <at> debbugs.gnu.org; Sun, 20 Jan 2019 04:14:21 -0500
Received: by mail-pf1-f175.google.com with SMTP id 64so8710134pfr.9
 for <34142 <at> debbugs.gnu.org>; Sun, 20 Jan 2019 01:14:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=subject:to:references:from:message-id:date:user-agent:mime-version
 :in-reply-to:content-language:content-transfer-encoding;
 bh=q/Lp0AsiataOEfiZRL7IasK0bOqKKMb/vmJNoxCVkVU=;
 b=JFuvIRBnsBTZkgm9o51bi9/DhicB9ux72YhOC2zv05MdDfS57hjybV4CDU9WFGpb8c
 zQbKagEF7FypyAI7+EsjOWaGlFW4Ziky9eFhMS4vwPzlPR88fWsI0yj9ydjYqp+YqQ5J
 zGIH9NK3T7AGxDVV/mHDEXsm2r61hyjuciTLm2pVU78p2/Feegy4ZKxmEu7EQttLBKdY
 i5aPusLldrq7oMUgxvLL2hw/EhYPlr+KMmTcBuURKY5R+fP2gr5V6Dk0wxOh3Hp7nSvR
 bx6dWsbNDspHh70JbBGOKb9x+iXfw3OUFFsnMJIvyujQthNir1ptTTqWB2ddA3eCC8UQ
 d1Tg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:subject:to:references:from:message-id:date
 :user-agent:mime-version:in-reply-to:content-language
 :content-transfer-encoding;
 bh=q/Lp0AsiataOEfiZRL7IasK0bOqKKMb/vmJNoxCVkVU=;
 b=cjLJvc8kqdSOm0daAjKomY0b6NzASdZcuTVSBCRjXbL44lyFMc62xhWangrWfut0kf
 OI3erpSuelKl+NbxarkReqLkUXOX/7SC7Rb2Cez4naij5Qpq/OWFJqpA8zsZQLYxhlbx
 bYaNnQw1tQq724rru9K1rvNOJfGSLVYOHEJDs/X5kydjavs5eobFlK5WajHt24lNRACK
 DUbQuZ+ED6NWRhIRh4d9HoGH8Xn2wsbripIrvvY1t/b20IeFpB8Abgha0S0adTT9jiZH
 HW8aLPFkg/ZElavjEadPoxICNeocMchrtmNly4fYthqsy5gR7/CHohjt6qiZ8UpJzFGc
 4iJw==
X-Gm-Message-State: AJcUukdInH1ohTeaQTmhCLdsYEedeul2Z/jtEhR6tjdMT/elgPRgbd0l
 60EfYxw1mRdNRyJp0eSpAF33LKo0
X-Google-Smtp-Source: ALg8bN7VFOallua4zBR/iEA0MQVgyLbX344ShlWUv1JJSYXJ2GxGMJzNEobdoGgVoYkyJDIHyG4TkA==
X-Received: by 2002:a63:5207:: with SMTP id g7mr24279010pgb.253.1547975652615; 
 Sun, 20 Jan 2019 01:14:12 -0800 (PST)
Received: from tomato.housegordon.com (moose.housegordon.com. [184.68.105.38])
 by smtp.googlemail.com with ESMTPSA id
 v191sm20565810pgb.77.2019.01.20.01.14.11
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 20 Jan 2019 01:14:11 -0800 (PST)
Subject: Re: bug#34142: AddressSanitizer reported heap-buffer-overflow
To: Hongxu Chen <leftcopy.chx@HIDDEN>, 34142 <at> debbugs.gnu.org
References: <CAJPBKOHEQt0GJ2nF0fTZL9Ld4=sGZiUvrejieSgD9taxGT62ww@HIDDEN>
From: Assaf Gordon <assafgordon@HIDDEN>
Message-ID: <e7ba7ae7-8585-fef9-7a17-553d34be60b7@HIDDEN>
Date: Sun, 20 Jan 2019 02:14:10 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <CAJPBKOHEQt0GJ2nF0fTZL9Ld4=sGZiUvrejieSgD9taxGT62ww@HIDDEN>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34142
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

(forwarding to gnulib)

Hello,

Hongxu Chen reported a heap-buffer-overflow in gnulib's regexec code.

It can be reproduced with current sed using:

      git clone git://git.sv.gnu.org/sed.git
      cd sed
      ./bootstrap && ./configure
      make build-asan

      echo 00000000000000000000000000 | ./sed/sed -E -e 's/(.*)*\1//'

The above 'sed' invocation is a simplified variation of Hongxu's report.

Details below:

On 2019-01-19 11:09 p.m., Hongxu Chen wrote:
> 
>     =================================================================
> ==13920==ERROR: AddressSanitizer: heap-buffer-overflow on address
> 0x606000000233 at pc 0x0000004b4136 bp 0x7ffc475e3930 sp 0x7ffc475e30e0
> READ of size 26 at 0x606000000233 thread T0
>      #0 0x4b4135 in __interceptor_memcmp.part.283
> (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135)
>      #1 0x5b274c in proceed_next_node
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:1296:9
>      #2 0x597a4c in set_regs /home/hongxu/FOT/sed-O0/./lib/regexec.c:1453:18
>      #3 0x569a4f in re_search_internal
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:864:10
>      #4 0x56acd7 in re_search_stub
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:425:12
>      #5 0x56b061 in rpl_re_search
> /home/hongxu/FOT/sed-O0/./lib/regexec.c:289:10
>      #6 0x52f572 in match_regex /home/hongxu/FOT/sed-O0/sed/regexp.c:358:11
>      #7 0x5292d1 in do_subst /home/hongxu/FOT/sed-O0/sed/execute.c:1015:8
>      #8 0x5233a2 in execute_program
> /home/hongxu/FOT/sed-O0/sed/execute.c:1543:15
>      #9 0x520cba in process_files
> /home/hongxu/FOT/sed-O0/sed/execute.c:1680:16
>      #10 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17
>      #11 0x7f1dc2297b96 in __libc_start_main
> /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
>      #12 0x41b219 in _start
> (/home/hongxu/FOT/sed-O0/install/bin/sed+0x41b219)
> 
> 0x606000000233 is located 0 bytes to the right of 51-byte region
> [0x606000000200,0x606000000233)
> allocated by thread T0 here:
>      #0 0x4db0d0 in malloc (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4db0d0)
>      #1 0x5624f4 in xmalloc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:41:13
>      #2 0x5627c4 in xzalloc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:86:18
>      #3 0x520e16 in line_init /home/hongxu/FOT/sed-O0/sed/execute.c:281:15
>      #4 0x5209ad in process_files
> /home/hongxu/FOT/sed-O0/sed/execute.c:1654:3
>      #5 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17
>      #6 0x7f1dc2297b96 in __libc_start_main
> /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
> 
> SUMMARY: AddressSanitizer: heap-buffer-overflow
> (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135) in
> __interceptor_memcmp.part.283
> Shadow bytes around the buggy address:
>    0x0c0c7fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>    0x0c0c7fff8000: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
>    0x0c0c7fff8010: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
>    0x0c0c7fff8020: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fa
>    0x0c0c7fff8030: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
> =>0x0c0c7fff8040: 00 00 00 00 00 00[03]fa fa fa fa fa 00 00 00 00
>    0x0c0c7fff8050: 00 00 03 fa fa fa fa fa 00 00 00 00 00 00 00 00
>    0x0c0c7fff8060: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
>    0x0c0c7fff8070: 00 00 00 00 00 00 00 fa fa fa fa fa 00 00 00 00
>    0x0c0c7fff8080: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd fd
>    0x0c0c7fff8090: fa fa fa fa 00 00 00 00 00 00 00 00 fa fa fa fa
> Shadow byte legend (one shadow byte represents 8 application bytes):
>    Addressable:           00
>    Partially addressable: 01 02 03 04 05 06 07
>    Heap left redzone:       fa
>    Freed heap region:       fd
>    Stack left redzone:      f1
>    Stack mid redzone:       f2
>    Stack right redzone:     f3
>    Stack after return:      f5
>    Stack use after scope:   f8
>    Global redzone:          f9
>    Global init order:       f6
>    Poisoned by user:        f7
>    Container overflow:      fc
>    Array cookie:            ac
>    Intra object redzone:    bb
>    ASan internal:           fe
>    Left alloca redzone:     ca
>    Right alloca redzone:    cb
> ==13920==ABORTING





Information forwarded to bug-sed@HIDDEN:
bug#34142; Package sed. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 20 Jan 2019 06:10:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jan 20 01:10:32 2019
Received: from localhost ([127.0.0.1]:38258 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gl6JT-0000JQ-Q9
	for submit <at> debbugs.gnu.org; Sun, 20 Jan 2019 01:10:32 -0500
Received: from eggs.gnu.org ([209.51.188.92]:48749)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leftcopy.chx@HIDDEN>) id 1gl6JR-0000JA-Fr
 for submit <at> debbugs.gnu.org; Sun, 20 Jan 2019 01:10:30 -0500
Received: from lists.gnu.org ([209.51.188.17]:43863)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leftcopy.chx@HIDDEN>)
 id 1gl6JK-0005ae-8O
 for submit <at> debbugs.gnu.org; Sun, 20 Jan 2019 01:10:22 -0500
Received: from eggs.gnu.org ([209.51.188.92]:58930)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <leftcopy.chx@HIDDEN>) id 1gl6JI-0002z0-ES
 for bug-sed@HIDDEN; Sun, 20 Jan 2019 01:10:22 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM,
 HTML_MESSAGE autolearn=disabled version=3.3.2
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leftcopy.chx@HIDDEN>) id 1gl6JA-0005Tg-RS
 for bug-sed@HIDDEN; Sun, 20 Jan 2019 01:10:16 -0500
Received: from mail-it1-x136.google.com ([2607:f8b0:4864:20::136]:40510)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <leftcopy.chx@HIDDEN>)
 id 1gl6J6-0005Kl-Sb
 for bug-sed@HIDDEN; Sun, 20 Jan 2019 01:10:10 -0500
Received: by mail-it1-x136.google.com with SMTP id h193so11144977ita.5
 for <bug-sed@HIDDEN>; Sat, 19 Jan 2019 22:10:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:from:date:message-id:subject:to;
 bh=FiMviPiFmlfU3UjuOjuj33uoETILXph46CagH9RBZTc=;
 b=uRMU3AbgOto6Ma42FNVTRkhRj5d2BFcK5DCTl2LF9Osv5sV0268jW8SUrh2L+BMgpf
 0UldWVkYsKEVSu/F2X85RniIrHak3gqa2PoghEajNSGcramyX5gR0EP+14oG0sqw9/4u
 TZMQ6ssO70bYey4Misp0s0/mwuKgh3qMpIu66N9AU07emk2AAdeLDDTkVt4xjMAQXEJq
 8jmKMpzJb1WbnLl/m+WbBYY7H20GfF0NoYCR6yruYHO/Spcs3UK+4CBDoUPiHufcKGo5
 Q82YwcFCQM8YrDHrO6jQntsXQKjPvlkBAdWYScKg+9zDZ43JZYPVHEJgyaR9/nVNyzRv
 m7ag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
 bh=FiMviPiFmlfU3UjuOjuj33uoETILXph46CagH9RBZTc=;
 b=WXvixl3Ff6WJVIKQoLDHkoGw9FHLVD88D2hyY8DUur/ClXEW5ZUm4VUc4CrmLZoxO5
 DqdW436vpuvKwdKYB0f1bmXbKlZtM11YQ3gVPxT7M26qlEgWCZ2dbmgEyGmaj8glkOru
 Q3nsgsuXBFkY+WDDP1P92XobveG3XiuE9r7BhxaSXvT0/9trwzruTs33W2qvHYlYoRWV
 t5tW4p9bWJxg9+oF3l0g9OcE8bQpl7Jv6fj1+KOWJZ6rUE9pb7o7feR6i4WjGVjbUdaR
 CKpdrKSoQvnvdqjPa36OAY3sFT2qaqSGIJY2kyRrZltsVABmBXfSb45oYs4xzc/R4Z6z
 etzw==
X-Gm-Message-State: AJcUukdHhAHrywIWx6Tbbjy17ScHe7ydC3iAcHv00h/mrDwlnjAW53cF
 cWbjbsq4JOU89mybQTGi0Sr2vf13fjo8wv2E0l1pzHC/
X-Google-Smtp-Source: ALg8bN6jGbraBkqtAtcY79aZB93NZw5SpZRjjAMtl3nu40eAC+DtQWmzVx11TBpGhQw8snthVtW01Fo5P3PXiONENgs=
X-Received: by 2002:a05:660c:91:: with SMTP id
 t17mr4980292itj.41.1547964598846; 
 Sat, 19 Jan 2019 22:09:58 -0800 (PST)
MIME-Version: 1.0
From: Hongxu Chen <leftcopy.chx@HIDDEN>
Date: Sun, 20 Jan 2019 14:09:48 +0800
Message-ID: <CAJPBKOHEQt0GJ2nF0fTZL9Ld4=sGZiUvrejieSgD9taxGT62ww@HIDDEN>
Subject: AddressSanitizer reported heap-buffer-overflow
To: bug-sed@HIDDEN
Content-Type: multipart/mixed; boundary="0000000000000a9597057fdd98a7"
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2607:f8b0:4864:20::136
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

--0000000000000a9597057fdd98a7
Content-Type: multipart/alternative; boundary="0000000000000a9594057fdd98a5"

--0000000000000a9594057fdd98a5
Content-Type: text/plain; charset="UTF-8"

Hi,

    When latest sed (4.7.4-f8503-dirty) is compiled with ASan, it report a
heap-buffer-overflow when executing the following command.

      echo '0000000000000000000000000000' | ./sed -f c02.sed

   =================================================================
==13920==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x606000000233 at pc 0x0000004b4136 bp 0x7ffc475e3930 sp 0x7ffc475e30e0
READ of size 26 at 0x606000000233 thread T0
    #0 0x4b4135 in __interceptor_memcmp.part.283
(/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135)
    #1 0x5b274c in proceed_next_node
/home/hongxu/FOT/sed-O0/./lib/regexec.c:1296:9
    #2 0x597a4c in set_regs /home/hongxu/FOT/sed-O0/./lib/regexec.c:1453:18
    #3 0x569a4f in re_search_internal
/home/hongxu/FOT/sed-O0/./lib/regexec.c:864:10
    #4 0x56acd7 in re_search_stub
/home/hongxu/FOT/sed-O0/./lib/regexec.c:425:12
    #5 0x56b061 in rpl_re_search
/home/hongxu/FOT/sed-O0/./lib/regexec.c:289:10
    #6 0x52f572 in match_regex /home/hongxu/FOT/sed-O0/sed/regexp.c:358:11
    #7 0x5292d1 in do_subst /home/hongxu/FOT/sed-O0/sed/execute.c:1015:8
    #8 0x5233a2 in execute_program
/home/hongxu/FOT/sed-O0/sed/execute.c:1543:15
    #9 0x520cba in process_files
/home/hongxu/FOT/sed-O0/sed/execute.c:1680:16
    #10 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17
    #11 0x7f1dc2297b96 in __libc_start_main
/build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #12 0x41b219 in _start
(/home/hongxu/FOT/sed-O0/install/bin/sed+0x41b219)

0x606000000233 is located 0 bytes to the right of 51-byte region
[0x606000000200,0x606000000233)
allocated by thread T0 here:
    #0 0x4db0d0 in malloc (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4db0d0)
    #1 0x5624f4 in xmalloc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:41:13
    #2 0x5627c4 in xzalloc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:86:18
    #3 0x520e16 in line_init /home/hongxu/FOT/sed-O0/sed/execute.c:281:15
    #4 0x5209ad in process_files
/home/hongxu/FOT/sed-O0/sed/execute.c:1654:3
    #5 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17
    #6 0x7f1dc2297b96 in __libc_start_main
/build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310

SUMMARY: AddressSanitizer: heap-buffer-overflow
(/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135) in
__interceptor_memcmp.part.283
Shadow bytes around the buggy address:
  0x0c0c7fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c0c7fff8000: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
  0x0c0c7fff8010: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
  0x0c0c7fff8020: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fa
  0x0c0c7fff8030: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
=>0x0c0c7fff8040: 00 00 00 00 00 00[03]fa fa fa fa fa 00 00 00 00
  0x0c0c7fff8050: 00 00 03 fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c0c7fff8060: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
  0x0c0c7fff8070: 00 00 00 00 00 00 00 fa fa fa fa fa 00 00 00 00
  0x0c0c7fff8080: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x0c0c7fff8090: fa fa fa fa 00 00 00 00 00 00 00 00 fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==13920==ABORTING
[1]    13917 done       echo '0000000000000000000000000000' |
       13920 abort      ./sed -f c02.sed

c02.sed is attached (it seems ok when executing with the c02.sed content
directly, `echo '0000000000000000000000000000' | ./sed -f
"s000;s0\(..*\)*\1\(\)\S00"`).

This seems an issue in lib/regexec.c since we found GNU debbugs #34140 has
a similar case.

Best Regards,
Hongxu

--0000000000000a9594057fdd98a5
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div di=
r=3D"ltr"><div dir=3D"ltr"><div>Hi,</div><div><br></div><div>=C2=A0 =C2=A0 =
When latest sed (4.7.4-f8503-dirty) is compiled with ASan, it report a heap=
-buffer-overflow when executing the following command.</div><div><br></div>=
<div>=C2=A0 =C2=A0 =C2=A0 echo &#39;0000000000000000000000000000&#39; | ./s=
ed -f c02.sed</div><div><br></div><div>=C2=A0 =C2=A0=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D</div><div>=3D=3D13920=3D=3DERROR: AddressSanitizer=
: heap-buffer-overflow on address 0x606000000233 at pc 0x0000004b4136 bp 0x=
7ffc475e3930 sp 0x7ffc475e30e0</div><div>READ of size 26 at 0x606000000233 =
thread T0</div><div>=C2=A0 =C2=A0 #0 0x4b4135 in __interceptor_memcmp.part.=
283 (/home/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135)</div><div>=C2=A0 =C2=
=A0 #1 0x5b274c in proceed_next_node /home/hongxu/FOT/sed-O0/./lib/regexec.=
c:1296:9</div><div>=C2=A0 =C2=A0 #2 0x597a4c in set_regs /home/hongxu/FOT/s=
ed-O0/./lib/regexec.c:1453:18</div><div>=C2=A0 =C2=A0 #3 0x569a4f in re_sea=
rch_internal /home/hongxu/FOT/sed-O0/./lib/regexec.c:864:10</div><div>=C2=
=A0 =C2=A0 #4 0x56acd7 in re_search_stub /home/hongxu/FOT/sed-O0/./lib/rege=
xec.c:425:12</div><div>=C2=A0 =C2=A0 #5 0x56b061 in rpl_re_search /home/hon=
gxu/FOT/sed-O0/./lib/regexec.c:289:10</div><div>=C2=A0 =C2=A0 #6 0x52f572 i=
n match_regex /home/hongxu/FOT/sed-O0/sed/regexp.c:358:11</div><div>=C2=A0 =
=C2=A0 #7 0x5292d1 in do_subst /home/hongxu/FOT/sed-O0/sed/execute.c:1015:8=
</div><div>=C2=A0 =C2=A0 #8 0x5233a2 in execute_program /home/hongxu/FOT/se=
d-O0/sed/execute.c:1543:15</div><div>=C2=A0 =C2=A0 #9 0x520cba in process_f=
iles /home/hongxu/FOT/sed-O0/sed/execute.c:1680:16</div><div>=C2=A0 =C2=A0 =
#10 0x5300dc in main /home/hongxu/FOT/sed-O0/sed/sed.c:382:17</div><div>=C2=
=A0 =C2=A0 #11 0x7f1dc2297b96 in __libc_start_main /build/glibc-OTsEL5/glib=
c-2.27/csu/../csu/libc-start.c:310</div><div>=C2=A0 =C2=A0 #12 0x41b219 in =
_start (/home/hongxu/FOT/sed-O0/install/bin/sed+0x41b219)</div><div><br></d=
iv><div>0x606000000233 is located 0 bytes to the right of 51-byte region [0=
x606000000200,0x606000000233)</div><div>allocated by thread T0 here:</div><=
div>=C2=A0 =C2=A0 #0 0x4db0d0 in malloc (/home/hongxu/FOT/sed-O0/install/bi=
n/sed+0x4db0d0)</div><div>=C2=A0 =C2=A0 #1 0x5624f4 in xmalloc /home/hongxu=
/FOT/sed-O0/lib/xmalloc.c:41:13</div><div>=C2=A0 =C2=A0 #2 0x5627c4 in xzal=
loc /home/hongxu/FOT/sed-O0/lib/xmalloc.c:86:18</div><div>=C2=A0 =C2=A0 #3 =
0x520e16 in line_init /home/hongxu/FOT/sed-O0/sed/execute.c:281:15</div><di=
v>=C2=A0 =C2=A0 #4 0x5209ad in process_files /home/hongxu/FOT/sed-O0/sed/ex=
ecute.c:1654:3</div><div>=C2=A0 =C2=A0 #5 0x5300dc in main /home/hongxu/FOT=
/sed-O0/sed/sed.c:382:17</div><div>=C2=A0 =C2=A0 #6 0x7f1dc2297b96 in __lib=
c_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310</di=
v><div><br></div><div>SUMMARY: AddressSanitizer: heap-buffer-overflow (/hom=
e/hongxu/FOT/sed-O0/install/bin/sed+0x4b4135) in __interceptor_memcmp.part.=
283</div><div>Shadow bytes around the buggy address:</div><div>=C2=A0 0x0c0=
c7fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00</div><div>=C2=A0=
 0x0c0c7fff8000: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa</div><div>=
=C2=A0 0x0c0c7fff8010: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd</div=
><div>=C2=A0 0x0c0c7fff8020: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd f=
a</div><div>=C2=A0 0x0c0c7fff8030: fa fa fa fa fd fd fd fd fd fd fd fa fa f=
a fa fa</div><div>=3D&gt;0x0c0c7fff8040: 00 00 00 00 00 00[03]fa fa fa fa f=
a 00 00 00 00</div><div>=C2=A0 0x0c0c7fff8050: 00 00 03 fa fa fa fa fa 00 0=
0 00 00 00 00 00 00</div><div>=C2=A0 0x0c0c7fff8060: fa fa fa fa fd fd fd f=
d fd fd fd fa fa fa fa fa</div><div>=C2=A0 0x0c0c7fff8070: 00 00 00 00 00 0=
0 00 fa fa fa fa fa 00 00 00 00</div><div>=C2=A0 0x0c0c7fff8080: 00 00 00 f=
a fa fa fa fa fd fd fd fd fd fd fd fd</div><div>=C2=A0 0x0c0c7fff8090: fa f=
a fa fa 00 00 00 00 00 00 00 00 fa fa fa fa</div><div>Shadow byte legend (o=
ne shadow byte represents 8 application bytes):</div><div>=C2=A0 Addressabl=
e:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A000</div><div>=C2=A0 Partially ad=
dressable: 01 02 03 04 05 06 07=C2=A0</div><div>=C2=A0 Heap left redzone:=
=C2=A0 =C2=A0 =C2=A0 =C2=A0fa</div><div>=C2=A0 Freed heap region:=C2=A0 =C2=
=A0 =C2=A0 =C2=A0fd</div><div>=C2=A0 Stack left redzone:=C2=A0 =C2=A0 =C2=
=A0 f1</div><div>=C2=A0 Stack mid redzone:=C2=A0 =C2=A0 =C2=A0 =C2=A0f2</di=
v><div>=C2=A0 Stack right redzone:=C2=A0 =C2=A0 =C2=A0f3</div><div>=C2=A0 S=
tack after return:=C2=A0 =C2=A0 =C2=A0 f5</div><div>=C2=A0 Stack use after =
scope:=C2=A0 =C2=A0f8</div><div>=C2=A0 Global redzone:=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 f9</div><div>=C2=A0 Global init order:=C2=A0 =C2=A0 =C2=A0 =
=C2=A0f6</div><div>=C2=A0 Poisoned by user:=C2=A0 =C2=A0 =C2=A0 =C2=A0 f7</=
div><div>=C2=A0 Container overflow:=C2=A0 =C2=A0 =C2=A0 fc</div><div>=C2=A0=
 Array cookie:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ac</div><div>=C2=A0=
 Intra object redzone:=C2=A0 =C2=A0 bb</div><div>=C2=A0 ASan internal:=C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0fe</div><div>=C2=A0 Left alloca redzo=
ne:=C2=A0 =C2=A0 =C2=A0ca</div><div>=C2=A0 Right alloca redzone:=C2=A0 =C2=
=A0 cb</div><div>=3D=3D13920=3D=3DABORTING</div><div>[1]=C2=A0 =C2=A0 13917=
 done=C2=A0 =C2=A0 =C2=A0 =C2=A0echo &#39;0000000000000000000000000000&#39;=
 |=C2=A0</div><div>=C2=A0 =C2=A0 =C2=A0 =C2=A013920 abort=C2=A0 =C2=A0 =C2=
=A0 ./sed -f c02.sed</div><div><br></div><div>c02.sed is attached (it seems=
 ok when executing with the c02.sed content directly, `echo &#39;0000000000=
000000000000000000&#39; | ./sed -f &quot;s000;s0\(..*\)*\1\(\)\S00&quot;`).=
</div><div><br></div><div>This seems an issue in lib/regexec.c since we fou=
nd GNU debbugs #34140 has a similar case.</div><br clear=3D"all"><div><div =
dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr=
"><font color=3D"#313131" face=3D"Arial, sans-serif"><span style=3D"font-si=
ze:12px">Best Regards,</span></font><div><font color=3D"#313131" face=3D"Ar=
ial, sans-serif"><span style=3D"font-size:12px">Hongxu</span></font></div><=
/div></div></div></div></div></div></div></div></div></div></div>

--0000000000000a9594057fdd98a5--

--0000000000000a9597057fdd98a7
Content-Type: application/octet-stream; name="c02.sed"
Content-Disposition: attachment; filename="c02.sed"
Content-Transfer-Encoding: base64
Content-ID: <f_jr4hzhog0>
X-Attachment-Id: f_jr4hzhog0

czCJMDA7czBcKC4uKlwpKlwxXChcKVxTMDA=
--0000000000000a9597057fdd98a7--




Acknowledgement sent to Hongxu Chen <leftcopy.chx@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-sed@HIDDEN. Full text available.
Report forwarded to bug-sed@HIDDEN:
bug#34142; Package sed. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Mon, 25 Nov 2019 12:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.