Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
(1 of 8) - Hash: 6316975dba76c386f24c208927556ef3.beb8cdda937aaef251d923795cf1c80a
---CRASH SUMMARY---
Filename: asan/crashes/id:000264,sig:06,src:001192,op:havoc,rep:16
SHA1: 83f0d9e521839d28779c9dc9e351b814e3480fd9
Classification: PROBABLY_EXPLOITABLE
Hash: 6316975dba76c386f24c208927556ef3.beb8cdda937aaef251d923795cf1c80a
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds7_process_result @ 0x000000000050f411: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x0000000000506a9e: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x00000000000000b0 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x0000627000018914 rdi=0x000060f00000e320 rbp=0x00007fffffffd140 rsp=0x00007fffffffd100
r8=0x00007ffff7f8ccd8 r9=0x0000000000000002 r10=0x0000000000000000 r11=0x00007ffff5d65550
r12=0x0000000000001f7a r13=0x0000000000001f81 r14=0x0000000000000038 r15=0x00000c0c00001ccc
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 4) - Hash: 5c91cf00876cd16d15bfb51ae85331f9.64a7111f30523fb1cab7270e58e9d90e
---CRASH SUMMARY---
Filename: fuzzer2/crashes/id:000110,sig:11,src:000968+000699,op:splice,rep:4
SHA1: 5d3fe028a178954c41e15c35d8d009e675692189
Classification: EXPLOITABLE
Hash: 5c91cf00876cd16d15bfb51ae85331f9.64a7111f30523fb1cab7270e58e9d90e
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_detach_results @ 0x0000000000409ac6: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_detach_results @ 0x0000000000409ac6: in /root/freetds/build/src/apps/tsql
tds_set_current_results @ 0x0000000000409ac6: in /root/freetds/build/src/apps/tsql
tds_process_param_result_ @ 0x0000000000414893: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414893: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006c52a0 rcx=0x000000000000ee13 rdx=0x0000000000695930
rsi=0x00000000006c5750 rdi=0x00000000006c5180 rbp=0x00000000000000ac rsp=0x00007fffffffd980
r8=0x00000000006c56a0 r9=0x0000000000000001 r10=0x00000000006c5710 r11=0x0000000000000246
r12=0x0000006462000000 r13=0x00000000006c5750 r14=0x00000000006c5180 r15=0x0000000000695530
rip=0x0000000000409ac6 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on destination operand
Short description: DestAv (8/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control the write address and/or value.
---END SUMMARY---
(1 of 2) - Hash: 3f430c757424b923d9eacf0f9227c59e.78968d4e105ed8d91308dafde7773a50
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000379,sig:11,src:001923,op:havoc,rep:4
SHA1: 7c8350aff21b56ac09619900ff788c7cf3db836c
Classification: UNKNOWN
Hash: 3f430c757424b923d9eacf0f9227c59e.78968d4e105ed8d91308dafde7773a50
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
_iconv_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (11 entries):
__GI___libc_free @ 0x00007ffff657e962: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__gconv_close @ 0x00007ffff651c9d6: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
iconv_close @ 0x00007ffff651c20f: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_iconv_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_iconv_info_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_iconv_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_iconv_free @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_deinit_connection @ 0x000000000040cc5c: in /root/freetds/build/src/apps/tsql
tds_connection_remove_soc @ 0x000000000040cc5c: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040cc5c: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00000000006cd630 rcx=0x0000000000005e39 rdx=0x0000000000695930
rsi=0x0000000000000005 rdi=0x0040000000730000 rbp=0x00000000006cab00 rsp=0x00007fffffffdd90
r8=0x00000000006a8cf0 r9=0x0000000000000000 r10=0x000000000000003c r11=0x0000000000000000
r12=0x0000000000000000 r13=0x0000000000000000 r14=0x00000000006c5180 r15=0x0000000000695530
rip=0x00007ffff657e962 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 1) - Hash: 8af8dd80c8db469e9389d6ce92d00ee8.d088a8494c97ab267cbaffe1f98b733d
---CRASH SUMMARY---
Filename: fuzzer4/crashes/id:000383,sig:11,src:001961+001077,op:splice,rep:4
SHA1: c228989c7a21621d567e85a2049e20f1f1cd52c6
Classification: UNKNOWN
Hash: 8af8dd80c8db469e9389d6ce92d00ee8.d088a8494c97ab267cbaffe1f98b733d
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_free_column @ 0x0000000000408884: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
malloc_consolidate @ 0x00007ffff65793b5: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657b0a8: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_free_column @ 0x0000000000408884: in /root/freetds/build/src/apps/tsql
tds_free_results @ 0x0000000000408884: in /root/freetds/build/src/apps/tsql
tds_free_param_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x6c0000000000087e rbx=0x00000000006ca4d0 rcx=0x00007fffffffdc90 rdx=0x0000000000000021
rsi=0x0000000000000000 rdi=0x00007ffff68beb20 rbp=0x00000000000070c8 rsp=0x00007fffffffdc40
r8=0x00000000006a8a80 r9=0x0000000000000000 r10=0x00007ffff68beb78 r11=0x00007ffff68beb30
r12=0x00000000006ca500 r13=0x0bf4ff7f00000000 r14=0x00007ffff68beb20 r15=0x00007ffff68beb78
rip=0x00007ffff65793b5 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 13) - Hash: 67bb9acb1c75460279a7b3f5e2d40e34.10815b35c1ec00a0f6aaff115f0f91c7
---CRASH SUMMARY---
Filename: fuzzer4/crashes/id:000240,sig:11,src:001623,op:havoc,rep:8
SHA1: d7a9db35e217e541c1fa923a171f03eac9d1c058
Classification: PROBABLY_EXPLOITABLE
Hash: 67bb9acb1c75460279a7b3f5e2d40e34.10815b35c1ec00a0f6aaff115f0f91c7
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds_process_dyn_result @ 0x0000000000422910: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414035: in /root/freetds/build/src/apps/tsql
tds_process_info @ 0x00000000004213f0: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000413a6e: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000099ab rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c55c0 rbp=0x0000000000000000 rsp=0x00007fffffffd840
r8=0x00007fffffffd798 r9=0x0000000000000000 r10=0x00007ffff68beb88 r11=0x0000000000000001
r12=0x0000000000695530 r13=0x000000000000d7f8 r14=0x00000000006c57a0 r15=0x00000000006c57a0
rip=0x0000000000409c89 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 30) - Hash: 3b939fd1fe9d3ee8f11245ce20e5dea9.2876ea230a8afa36f391c19c2f8c9be6
---CRASH SUMMARY---
Filename: asan/crashes/id:000170,sig:06,src:001137+000276,op:splice,rep:4
SHA1: 44b6643185840624197528503bd1792aae355bc7
Classification: PROBABLY_EXPLOITABLE
Hash: 3b939fd1fe9d3ee8f11245ce20e5dea9.2876ea230a8afa36f391c19c2f8c9be6
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f5deb: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_alloc_row @ 0x00000000004f5deb: in /root/aflasan/build/src/apps/tsql
tds_alloc_compute_row @ 0x00000000004f5deb: in /root/aflasan/build/src/apps/tsql
tds_process_compute_resul @ 0x000000000050d26c: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x000000000050d26c: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000000 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x00000000005ce2e0 rdi=0x000060f00000ed70 rbp=0x00007fffffffd1b0 rsp=0x00007fffffffd170
r8=0x0000000000000003 r9=0x0000000000000030 r10=0x0000000000000038 r11=0x00007ffff5d65550
r12=0x0000000000000001 r13=0x0000000000000001 r14=0x0000000000000000 r15=0x00000c0c00001cd8
rip=0x00000000004f5deb efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 46) - Hash: c1362eee185df6b1a53be805ff37e5b7.0e6783f63bb4730a1e347c50a6985f2c
---CRASH SUMMARY---
Filename: asan/crashes/id:000271,sig:06,src:000070+001441,op:splice,rep:16
SHA1: dc3aa08438fe8ee8eee77063d563e42860f79527
Classification: PROBABLY_EXPLOITABLE
Hash: c1362eee185df6b1a53be805ff37e5b7.0e6783f63bb4730a1e347c50a6985f2c
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds5_process_result @ 0x00000000005115b5: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000502c79: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000000 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x0000000000000000 rdi=0x000060f00000ed70 rbp=0x00007fffffffd1d0 rsp=0x00007fffffffd190
r8=0x00000ffffffff9d0 r9=0x000000000000000b r10=0x000060b00000adb4 r11=0x00007ffff5d65550
r12=0x000000000000e308 r13=0x000000000000e308 r14=0x0000000000000000 r15=0x00000c0c00001cd8
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 3) - Hash: b563892d2f46f512fa9cd2461793966f.58ce15ceda8d04bfee4d8a52db0eca59
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000380,sig:11,src:001157+002160,op:splice,rep:64
SHA1: 83f3477568db2acff520d9a4d65d69958441566a
Classification: UNKNOWN
Hash: b563892d2f46f512fa9cd2461793966f.58ce15ceda8d04bfee4d8a52db0eca59
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_row_free @ 0x0000000000409f97: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
__GI___libc_free @ 0x00007ffff657e962: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_row_free @ 0x0000000000409f97: in /root/freetds/build/src/apps/tsql
tds_free_results @ 0x000000000040874e: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a5d5: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000001 rcx=0x000000000000a5f7 rdx=0x0000000000695930
rsi=0x00000000006dc3c0 rdi=0x00360039007f0000 rbp=0x00000000006c56d0 rsp=0x00007fffffffdd40
r8=0x00007ffff7fe2740 r9=0x000000000000003d r10=0x0000000000000021 r11=0x0000000000000000
r12=0x0000000000695530 r13=0x00360039007f0000 r14=0x0000000000000000 r15=0x00000000006c55c0
rip=0x00007ffff657e962 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 49) - Hash: 25018c293028c6ab730c49466a8b31ee.5f61e43094fb4a2503a1d42dcb06be65
---CRASH SUMMARY---
Filename: fuzzer2/crashes/id:000425,sig:11,src:002077,op:havoc,rep:16
SHA1: 88f8a24eed161273c85f6129d0cb7f603c735e49
Classification: UNKNOWN
Hash: 25018c293028c6ab730c49466a8b31ee.5f61e43094fb4a2503a1d42dcb06be65
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_free_packets @ 0x000000000040ced3: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
malloc_consolidate @ 0x00007ffff65793b5: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657b0a8: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_free_packets @ 0x000000000040ced3: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040ced3: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x6c0000000000087c rbx=0x00000000006ca4d0 rcx=0x00007fffffffdd10 rdx=0x0000000000000021
rsi=0x0000000000000000 rdi=0x00007ffff68beb20 rbp=0x00000000000070c8 rsp=0x00007fffffffdcc0
r8=0x00000000006a6360 r9=0x00000000006c5710 r10=0x00007ffff68beb78 r11=0x00007ffff68beb30
r12=0x00000000006ca500 r13=0x0bf4ff7f00000000 r14=0x00007ffff68beb20 r15=0x00007ffff68beb78
rip=0x00007ffff65793b5 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 60) - Hash: 3298a51122b2227ed7f7bbace9f79c55.569cf989dd3951d5562f00491a2af386
---CRASH SUMMARY---
Filename: asan/crashes/id:000110,sig:06,src:000007,op:havoc,rep:4
SHA1: 5edc7b69efe5d12d5cd0d7177e69f914e136d67a
Classification: PROBABLY_EXPLOITABLE
Hash: 3298a51122b2227ed7f7bbace9f79c55.569cf989dd3951d5562f00491a2af386
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_param_data @ 0x00000000004f4141: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_alloc_param_data @ 0x00000000004f4141: in /root/aflasan/build/src/apps/tsql
tds_process_param_result @ 0x0000000000514147: in /root/aflasan/build/src/apps/tsql
tds_process_param_result_ @ 0x00000000005033c1: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x00000000005033c1: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x000060f00000ed70 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x000061600000f094 rdi=0x000060f00000ed70 rbp=0x00007fffffffd1d0 rsp=0x00007fffffffd1a0
r8=0x00007ffff7f8ccd8 r9=0x0000000000000002 r10=0x0000000000000000 r11=0x00007ffff5d65550
r12=0x0000000000292be8 r13=0x000060f00000ed70 r14=0x000061400000fd60 r15=0x000061400000fc40
rip=0x00000000004f4141 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 34) - Hash: 8ddd85000cf14531ea45adc9afdcdb9c.beafae33fdd8af140d9cb22b466dd9a4
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000119,sig:06,src:001011+000277,op:splice,rep:4
SHA1: cee40d5258eca9b4a438fcfe36e624fd4f1c1246
Classification: UNKNOWN
Hash: 8ddd85000cf14531ea45adc9afdcdb9c.beafae33fdd8af140d9cb22b466dd9a4
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_nbcrow @ 0x0000000000420c9d: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff6528bd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff6528c82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_nbcrow @ 0x0000000000420c9d: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414315: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fee000 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x00000000000033a6 rdi=0x00000000000033a6 rbp=0x00000000004867b7 rsp=0x00007fffffffd7b8
r8=0xfefefefefefefeff r9=0x0000000000000001 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x0000000000000796 r13=0x0000000000486815 r14=0x00000000006c5750 r15=0x00000000ffffffff
rip=0x00007ffff6530428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 6) - Hash: b6d3eb8baa25bb5a5d9a7064a61d5815.59125ea9055d2fc6d6ebcd4f06ab44f3
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000161,sig:11,src:001362+000868,op:splice,rep:16
SHA1: c109981b1a5f62ea5b89585ea4fee41b78c7400e
Classification: PROBABLY_EXPLOITABLE
Hash: b6d3eb8baa25bb5a5d9a7064a61d5815.59125ea9055d2fc6d6ebcd4f06ab44f3
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_params_result_token @ 0x0000000000417856: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_params_result @ 0x0000000000417856: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000417856: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00000000006c5770 rcx=0x00000000006a8f60 rdx=0x0000000000695930
rsi=0x00000000006c5610 rdi=0x00000000006c5180 rbp=0x0000000000000000 rsp=0x00007fffffffd960
r8=0x00000000006a8cf0 r9=0x0000000000000000 r10=0x00000000006a91c0 r11=0x00007ffff68beb78
r12=0x0000000000695530 r13=0x0000000000000000 r14=0x00000000006c5180 r15=0x00000000006c5180
rip=0x0000000000417856 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 4) - Hash: 1ac32c261fff792b1a6705d656546b1c.4af48f44efad7ad792da9d5a70d1858f
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000160,sig:11,src:001362,op:havoc,rep:4
SHA1: 171fedec14ebdea0f3685c8e8561c7cbc6d2ddc3
Classification: PROBABLY_EXPLOITABLE
Hash: 1ac32c261fff792b1a6705d656546b1c.4af48f44efad7ad792da9d5a70d1858f
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_row @ 0x0000000000419f27: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_row @ 0x0000000000419f27: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000419f27: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000006a8f60 rdx=0x0000000000695930
rsi=0x00000000006c5610 rdi=0x00000000006c5180 rbp=0x00000000006c5770 rsp=0x00007fffffffd960
r8=0x00000000006a8cf0 r9=0x0000000000000000 r10=0x00000000006c56e0 r11=0x00007ffff68beb78
r12=0x0000000000695530 r13=0x00000000ffffffff r14=0x00000000006c5180 r15=0x00000000006c5180
rip=0x0000000000419f27 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 5) - Hash: 714becfa65da0a778bc9e6338e6993ed.29a7547e3604b3415f2e16dd55a5ae2c
---CRASH SUMMARY---
Filename: fuzzer2/crashes/id:000235,sig:11,src:001630,op:havoc,rep:8
SHA1: a6b96aaaa42184a7df04fbd3c744d7f0c97d10a7
Classification: PROBABLY_EXPLOITABLE
Hash: 714becfa65da0a778bc9e6338e6993ed.29a7547e3604b3415f2e16dd55a5ae2c
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_params_result_token @ 0x0000000000413988: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_process_params_result @ 0x0000000000413988: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000413988: in /root/freetds/build/src/apps/tsql
tds_process_info @ 0x00000000004213f0: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000413a6e: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000006dc2c0 rdx=0x0000000000695930
rsi=0x00000000006c55c0 rdi=0x00000000006c5180 rbp=0x0000000000000000 rsp=0x00007fffffffd8b0
r8=0x00007fffffffd7b8 r9=0x0000000000000000 r10=0x00000000006a8f50 r11=0x0000000000000001
r12=0x00000000ffffffff r13=0x0000000000695530 r14=0x00000000006c5180 r15=0x00000000006c57a0
rip=0x0000000000413988 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 4) - Hash: 39d9745544af6d255767c5f1dcfa6e11.39d9745544af6d255767c5f1dcfa6e11
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000136,sig:11,src:000520,op:flip1,pos:281
SHA1: 1cfaea320b84829c7c1f33e0a9908e7c4234cb81
Classification: EXPLOITABLE
Hash: 39d9745544af6d255767c5f1dcfa6e11.39d9745544af6d255767c5f1dcfa6e11
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_detach_results @ 0x000000000040a643: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (4 entries):
tds_detach_results @ 0x000000000040a643: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a643: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006c5750 rcx=0x000000000000b5c2 rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x0000000000000000 rbp=0x000000b9676c0000 rsp=0x00007fffffffde10
r8=0x00007ffff7fe2740 r9=0x000000000000003d r10=0x0000000000000021 r11=0x0000000000000000
r12=0x0000000000695530 r13=0x0000000000695530 r14=0x0000000000000000 r15=0x00000000006c5180
rip=0x000000000040a643 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on destination operand
Short description: DestAv (8/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control the write address and/or value.
---END SUMMARY---
(1 of 1) - Hash: c100a520548597a4d21a9c8ad0478f6d.f1728912e873b008f2605480a6646343
---CRASH SUMMARY---
Filename: fuzzer3/crashes/id:000223,sig:11,src:001468,op:havoc,rep:4
SHA1: 2f657e8fbe105e215f8936ba267304b97afff340
Classification: EXPLOITABLE
Hash: c100a520548597a4d21a9c8ad0478f6d.f1728912e873b008f2605480a6646343
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_param_result @ 0x0000000000420864: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_process_param_result @ 0x0000000000420864: in /root/freetds/build/src/apps/tsql
tds_process_param_result_ @ 0x000000000041a042: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041a042: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x0000003100000000 rcx=0x0000000000002e97 rdx=0x0000000000695930
rsi=0x000000000000270f rdi=0x00000000006c55e3 rbp=0x0000000000000000 rsp=0x00007fffffffd930
r8=0x0000000000000000 r9=0x0000000000000000 r10=0x00000000006c55d0 r11=0x0000000000000286
r12=0x0000000000695530 r13=0x00000000000000ac r14=0x00000000006c52a0 r15=0x00000000006c5180
rip=0x0000000000420864 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on destination operand
Short description: DestAv (8/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control the write address and/or value.
---END SUMMARY---
(1 of 545) - Hash: 9bf120a0b6b22fd48aad1f5ce16627f7.58f81deab66d5197a70dfcb61d872595
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000064,sig:11,src:000556,op:havoc,rep:16
SHA1: 854616b8c73ac77f9ac18fea981c40e77a0b57a1
Classification: PROBABLY_EXPLOITABLE
Hash: 9bf120a0b6b22fd48aad1f5ce16627f7.58f81deab66d5197a70dfcb61d872595
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds7_process_result @ 0x000000000041d1f4: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x00000000004147d0: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000001 rcx=0x0000000000008038 rdx=0x0000000000695930
rsi=0x00000000006dc5d4 rdi=0x00000000006c5730 rbp=0x0000000000000028 rsp=0x00007fffffffd910
r8=0x00007fffffffd838 r9=0x0000000000000028 r10=0x00000000006a8730 r11=0x0000000000000000
r12=0x0000000000695530 r13=0x000000000000000b r14=0x00000000006c5180 r15=0x00000000006c55c0
rip=0x0000000000409c89 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 1) - Hash: 362905ce5f5562f62277db1f421072ad.b73ab0e33bc5ff23f988c8bf3e6d247e
---CRASH SUMMARY---
Filename: asan/crashes/id:000373,sig:06,src:001662+000933,op:splice,rep:2
SHA1: 7bbc348a0ca69ff8367adccd158925f4f7bf0220
Classification: UNKNOWN
Hash: 362905ce5f5562f62277db1f421072ad.b73ab0e33bc5ff23f988c8bf3e6d247e
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_nbcrow @ 0x0000000000514a22: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff5c05428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff5c0702a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff5bfdbd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff5bfdc82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_nbcrow @ 0x0000000000514a22: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x0000000000509578: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fc8000 rcx=0x00007ffff5c05428 rdx=0x0000000000000006
rsi=0x0000000000006781 rdi=0x0000000000006781 rbp=0x00000000005d0240 rsp=0x00007fffffffcf68
r8=0x0000000000000028 r9=0x0000000000000002 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x0000000000000796 r13=0x00000000005d0340 r14=0x0000000000000000 r15=0x00000c2800001fa8
rip=0x00007ffff5c05428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 2) - Hash: ab53d19145236253d18e5bcfaf1fc8fa.41143664f2b06db4952a2f2b82195b95
---CRASH SUMMARY---
Filename: fuzzer3/crashes/id:000307,sig:11,src:001925,op:havoc,rep:8
SHA1: f52a6f49fac13fe94a7f2245f6629bb2e79187d8
Classification: PROBABLY_NOT_EXPLOITABLE
Hash: ab53d19145236253d18e5bcfaf1fc8fa.41143664f2b06db4952a2f2b82195b95
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
strcmp @ 0x00007ffff7df294a: in /lib/x86_64-linux-gnu/ld-2.23.so
Disassembly:
Stack Head (24 entries):
strcmp @ 0x00007ffff7df294a: in /lib/x86_64-linux-gnu/ld-2.23.so
_dl_name_match_p @ 0x00007ffff7de87c5: in /lib/x86_64-linux-gnu/ld-2.23.so
_dl_map_object @ 0x00007ffff7ddf89d: in /lib/x86_64-linux-gnu/ld-2.23.so
dl_open_worker @ 0x00007ffff7dec3a7: in /lib/x86_64-linux-gnu/ld-2.23.so
_dl_catch_error @ 0x00007ffff7de7394: in /lib/x86_64-linux-gnu/ld-2.23.so
_dl_open @ 0x00007ffff7debbd9: in /lib/x86_64-linux-gnu/ld-2.23.so
do_dlopen @ 0x00007ffff663d9bd: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_dl_catch_error @ 0x00007ffff7de7394: in /lib/x86_64-linux-gnu/ld-2.23.so
dlerror_run @ 0x00007ffff663da74: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_dlopen_mode @ 0x00007ffff663da74: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
init @ 0x00007ffff660fe95: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__pthread_once_slow @ 0x00007ffff68d2a99: in /lib/x86_64-linux-gnu/libpthread-2.23.so
__GI___backtrace @ 0x00007ffff660ffb4: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
backtrace_and_maps @ 0x00007ffff651a9f5: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__libc_message @ 0x00007ffff65727e5: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
malloc_printerr @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
Registers:
rax=0x0000000000000026 rbx=0x00000000006ca5c0 rcx=0x0000000000000000 rdx=0x0000000000000000
rsi=0x0000000000000000 rdi=0x00007ffff6686aa6 rbp=0x00007ffff6686aa6 rsp=0x00007fffffffcb08
r8=0x0000000000000000 r9=0x0000000000000087 r10=0x00007ffff7df3be0 r11=0x0000000000000001
r12=0x00007ffff7feb4e8 r13=0x0000000090000001 r14=0x00007ffff7ffd040 r15=0x00000000006ca5c0
rip=0x00007ffff7df294a efl=0x0000000000010287 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on source operand
Short description: SourceAvNearNull (16/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor.
---END SUMMARY---
(1 of 14) - Hash: c592392695842a496dafad8d609e61b9.aa87b7aa65d307308f17fbfea8023de9
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000431,sig:06,src:002039,op:havoc,rep:2
SHA1: 007fea61830a4f6fd221101a18c1115106f576ff
Classification: UNKNOWN
Hash: c592392695842a496dafad8d609e61b9.aa87b7aa65d307308f17fbfea8023de9
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_row @ 0x000000000041ccce: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff6528bd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff6528c82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_row @ 0x000000000041ccce: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041ccce: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fee000 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x000000000000784a rdi=0x000000000000784a rbp=0x00000000004867b7 rsp=0x00007fffffffd7a8
r8=0x00000000006c56f0 r9=0xff00000000000000 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x000000000000077a r13=0x00000000004867ca r14=0x0000000000000c00 r15=0x00000000006c5180
rip=0x00007ffff6530428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 1) - Hash: 900fc85d185f547d71e7698a3f5426a4.1668abd16e41444f6acba5b462d9a3ba
---CRASH SUMMARY---
Filename: asan/crashes/id:000009,sig:06,src:000015,op:havoc,rep:2
SHA1: 37416e7ae8d67d814c50238e6b5a156c4cfad07d
Classification: UNKNOWN
Hash: 900fc85d185f547d71e7698a3f5426a4.1668abd16e41444f6acba5b462d9a3ba
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
tds_swap_numeric @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_numeric_get @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_process_params_result @ 0x00000000005023eb: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x00000000005023eb: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe1700 rbx=0x000060404b3c21f9 rcx=0x00000c080967843f rdx=0x00000000014960b0
rsi=0x000000004b3b4ca7 rdi=0x000060400000d553 rbp=0x00007fffffffd1c0 rsp=0x00007fffffffd1a0
r8=0x00000c087fff9ab0 r9=0x00000c087fff9aa8 r10=0x00000c087fff9ab1 r11=0x00007ffff5d65790
r12=0x000060400000d553 r13=0x0000000000000009 r14=0x000060400000d553 r15=0x0000000000823810
rip=0x0000000000520447 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 2) - Hash: e2c9f8b94d07dca4101b98bf89d04d67.e886b8c12a0c2683dd917b89c4aa21e7
---CRASH SUMMARY---
Filename: asan/crashes/id:000357,sig:06,src:001159+001831,op:splice,rep:8
SHA1: a1fe115f60c6ea27246d5da4d5197ca50b0d1c14
Classification: PROBABLY_NOT_EXPLOITABLE
Hash: e2c9f8b94d07dca4101b98bf89d04d67.e886b8c12a0c2683dd917b89c4aa21e7
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_row_free @ 0x00000000004f5ae2: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_row_free @ 0x00000000004f5ae2: in /root/aflasan/build/src/apps/tsql
tds_free_results @ 0x00000000004f33e9: in /root/aflasan/build/src/apps/tsql
tds_free_param_results @ 0x00000000004f660a: in /root/aflasan/build/src/apps/tsql
tds_free_all_results @ 0x00000000004f660a: in /root/aflasan/build/src/apps/tsql
tds_free_socket @ 0x00000000004fa23b: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004f0e89: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x000060600000e618 rbx=0x0000000000000000 rcx=0x0000000000008fb3 rdx=0x00000000014960b0
rsi=0x0000602000009e10 rdi=0x000060f00000e7e8 rbp=0x00007fffffffd8b0 rsp=0x00007fffffffd840
r8=0x0000000000000003 r9=0x0000000000000030 r10=0x0000000000000038 r11=0x0000000000000000
r12=0x0000000000000000 r13=0x0000000000000000 r14=0x0000000000823810 r15=0x0000000000000000
rip=0x00000000004f5ae2 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on source operand
Short description: SourceAvNearNull (16/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor.
---END SUMMARY---
(1 of 13) - Hash: eccea31fa5e7942269521fbd43e119e7.083f02fe6251b28b2c56c86425c82234
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000275,sig:11,src:001793,op:havoc,rep:8
SHA1: 70b0480522dbe662060488b0669c61ad86817a55
Classification: UNKNOWN
Hash: eccea31fa5e7942269521fbd43e119e7.083f02fe6251b28b2c56c86425c82234
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
tds_swap_numeric @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_numeric_get @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_process_params_result @ 0x0000000000417859: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000417859: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006c55e4 rcx=0x0000000000008c09 rdx=0x0000000000695930
rsi=0x00000000bc62704f rdi=0x00000000006c55e3 rbp=0xffffffffbccec631 rsp=0x00007fffffffd8f0
r8=0x0000000000000000 r9=0x0000000000000000 r10=0x00000000006c55d0 r11=0x0000000000000286
r12=0x0000000000000001 r13=0x0000000000695530 r14=0x00000000bc62704f r15=0x0000000000695530
rip=0x0000000000428786 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 59) - Hash: 13127615c03e24b2dceed91b2c4399e3.fa6ea1e3803f22d008020cfacedd42a1
---CRASH SUMMARY---
Filename: fuzzer2/crashes/id:000404,sig:11,src:002304,op:havoc,rep:8
SHA1: fa53f112e9232fddd0e8bd91fd794b9b11087551
Classification: PROBABLY_EXPLOITABLE
Hash: 13127615c03e24b2dceed91b2c4399e3.fa6ea1e3803f22d008020cfacedd42a1
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds7_process_result @ 0x000000000041d1f4: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000417a4e: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000099ab rdx=0x0000000000695930
rsi=0x00000000006c53b4 rdi=0x00000000006dae80 rbp=0x0000000000000000 rsp=0x00007fffffffd8c0
r8=0x00000000006a8f60 r9=0x0000000000000001 r10=0x0000000000000004 r11=0x0000000000000004
r12=0x0000000000695530 r13=0x0000000000007f00 r14=0x00000000006c5180 r15=0x00000000006c5770
rip=0x0000000000409c89 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 2) - Hash: 18cfee91deaf9d77bd4be3704880c5e4.fc3a097ab7fe90032db1772cafad4a98
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000031,sig:11,src:000331+000760,op:splice,rep:32
SHA1: c0c8843be6d19735d822e80a0b915fc694db0c12
Classification: PROBABLY_EXPLOITABLE
Hash: 18cfee91deaf9d77bd4be3704880c5e4.fc3a097ab7fe90032db1772cafad4a98
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_nbcrow @ 0x0000000000420bc1: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_nbcrow @ 0x0000000000420bc1: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414315: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000091e9 rdx=0x0000000000695930
rsi=0x00000000006dae80 rdi=0x00000000006c5180 rbp=0x00007fffffffd9a0 rsp=0x00007fffffffd960
r8=0x00000000006a8740 r9=0x0000000000000000 r10=0x00000000006a8a70 r11=0x0000000000000246
r12=0x0000000000695530 r13=0x00007fffffffd960 r14=0x00000000006c5650 r15=0x00000000006dae80
rip=0x0000000000420bc1 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 477) - Hash: aac306b6b6fae92e187966d031976f8a.184d55a5ebadddc20c4a4115ba6b5bde
---CRASH SUMMARY---
Filename: fuzzer2/crashes/id:000100,sig:11,src:000778+000163,op:splice,rep:4
SHA1: ac4c16f9b24f30958016cdbfa2cfc4532f73f471
Classification: PROBABLY_EXPLOITABLE
Hash: aac306b6b6fae92e187966d031976f8a.184d55a5ebadddc20c4a4115ba6b5bde
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds_process_dyn_result @ 0x0000000000422910: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414035: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000099ab rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c5720 rbp=0x0000000000000000 rsp=0x00007fffffffd940
r8=0x00007fffffffd898 r9=0x0000000000000040 r10=0x00007ffff68beb88 r11=0x0000000000000001
r12=0x0000000000695530 r13=0x000000000000ecec r14=0x00000000006c56d0 r15=0x00000000006c56d0
rip=0x0000000000409c89 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 6) - Hash: 604e1dc86de80c32c0a104fa9d7ea6f1.35a4bde43cb2d1c3ca57a01c4b27a698
---CRASH SUMMARY---
Filename: asan/crashes/id:000152,sig:06,src:001068,op:havoc,rep:4
SHA1: 5513d8608f8da8cf95b4ef98613160e3f22d0484
Classification: PROBABLY_EXPLOITABLE
Hash: 604e1dc86de80c32c0a104fa9d7ea6f1.35a4bde43cb2d1c3ca57a01c4b27a698
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds5_process_result @ 0x00000000005115b5: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x000000000050781e: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000000 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x0000000000000000 rdi=0x000060f00000ed70 rbp=0x00007fffffffd170 rsp=0x00007fffffffd130
r8=0x00000ffffffff9c4 r9=0x000000000000000a r10=0x000060b00000adb4 r11=0x00007ffff5d65550
r12=0x0000000000006400 r13=0x0000000000006400 r14=0x0000000000000000 r15=0x00000c0c00001cd8
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 2) - Hash: d4328ca2a563f781aad26fdecaba0d19.583a78a86374e1d8d2fdf1568ab8ff67
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000048,sig:11,src:000268,op:arith8,pos:273,val:-18
SHA1: 2b0949a97206e342e8a8ff211d2259063ada7728
Classification: PROBABLY_EXPLOITABLE
Hash: d4328ca2a563f781aad26fdecaba0d19.583a78a86374e1d8d2fdf1568ab8ff67
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_row @ 0x00000000004142aa: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_row @ 0x00000000004142aa: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x00000000004142aa: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00000000ffffffff rcx=0x00000000006a8b50 rdx=0x0000000000695930
rsi=0x00000000006c5670 rdi=0x00000000006c5180 rbp=0x0000000000000000 rsp=0x00007fffffffd9b0
r8=0x00000000006a88e0 r9=0x0000000000000000 r10=0x00000000006daec0 r11=0x0000000000000246
r12=0x00000000004867ee r13=0x0000000000695530 r14=0x00000000006c5180 r15=0x00000000006dae80
rip=0x00000000004142aa efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 8) - Hash: 2a35bb3cad64b1ea93b98d55928c49f0.2a35bb3cad64b1ea93b98d55928c49f0
---CRASH SUMMARY---
Filename: asan/crashes/id:000269,sig:06,src:001664+000584,op:splice,rep:8
SHA1: c0d9fb3d889cda2fe91e8c7483374156adb4d627
Classification: PROBABLY_NOT_EXPLOITABLE
Hash: 2a35bb3cad64b1ea93b98d55928c49f0.2a35bb3cad64b1ea93b98d55928c49f0
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_set_spid @ 0x0000000000525609: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (4 entries):
tds_set_spid @ 0x0000000000525609: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000525609: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x0000000000001867 rdx=0x00000000014960b0
rsi=0x0000000000000000 rdi=0x0000000000000008 rbp=0x00007fffffffd9b0 rsp=0x00007fffffffd400
r8=0x0000000000000000 r9=0x00000c087fff9aa8 r10=0x00000c087fff9ab1 r11=0x0000000000000008
r12=0x00007fffffffd570 r13=0x0000000000823810 r14=0x000061400000fc40 r15=0x00000ffffffffaac
rip=0x0000000000525609 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on source operand
Short description: SourceAvNearNull (16/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor.
---END SUMMARY---
(1 of 2) - Hash: 26dce096513e7575b05dceff734d089e.f27622db004fb4b46560a4ab28ba1f34
---CRASH SUMMARY---
Filename: asan/crashes/id:000306,sig:06,src:001219+001202,op:splice,rep:32
SHA1: 38bc10aec03e97645ef142f582ee8d35b5c832e5
Classification: PROBABLY_EXPLOITABLE
Hash: 26dce096513e7575b05dceff734d089e.f27622db004fb4b46560a4ab28ba1f34
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_col_fmt @ 0x0000000000512dfc: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_col_fmt @ 0x0000000000512dfc: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x0000000000507e15: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x000061400000fc40 rcx=0x00000ffffffffa08 rdx=0x0000000000000000
rsi=0x000061d00001e3ca rdi=0x0000000000000008 rbp=0x00007fffffffd1b0 rsp=0x00007fffffffd140
r8=0x0000000000000003 r9=0x0000000000000030 r10=0x0000000000000038 r11=0x00007ffff5d65550
r12=0x0000000000000000 r13=0x0000000000823810 r14=0x00007fffffffd1c0 r15=0x0000000000823810
rip=0x0000000000512dfc efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 3) - Hash: 85df184418e16cc7da360f2267e352cf.e84f3b332be74fc334b5f1d418c6da6b
---CRASH SUMMARY---
Filename: fuzzer6/crashes/id:000378,sig:06,src:001791+001319,op:splice,rep:64
SHA1: af273f86da39ff34567e75210965e5d39bd37fea
Classification: EXPLOITABLE
Hash: 85df184418e16cc7da360f2267e352cf.e84f3b332be74fc334b5f1d418c6da6b
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_param_free @ 0x00000000004091c2: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (12 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__libc_message @ 0x00007ffff65727ea: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
malloc_printerr @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_param_free @ 0x00000000004091c2: in /root/freetds/build/src/apps/tsql
tds_free_results @ 0x000000000040865a: in /root/freetds/build/src/apps/tsql
tds_free_param_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x000000000000006b rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000005ee7 rdi=0x0000000000005ee7 rbp=0x00007fffffffdcc0 rsp=0x00007fffffffd928
r8=0x0000000000000007 r9=0x0000000000000000 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x000000000000006b r13=0x00007fffffffdad8 r14=0x00007fffffffdad8 r15=0x0000000000000002
rip=0x00007ffff6530428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Heap error
Short description: HeapError (10/22)
Explanation: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free(), etc. Since heap errors might include buffer overflows, use-after-free situations, etc. they are generally considered exploitable.
---END SUMMARY---
(1 of 4) - Hash: d0003026cc6fdc85e8c11406a7477e4d.fee506dbcf372629920cd402bc320472
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000356,sig:11,src:001973,op:havoc,rep:8
SHA1: e9cdb67e8613beb5d8190422cca9e64b25afe39f
Classification: UNKNOWN
Hash: d0003026cc6fdc85e8c11406a7477e4d.fee506dbcf372629920cd402bc320472
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_free_packets @ 0x000000000040ce13: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
malloc_consolidate @ 0x00007ffff65793b5: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657b0a8: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_free_packets @ 0x000000000040ce13: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040ce13: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x6c0000000000087c rbx=0x00000000006ca4d0 rcx=0x00007fffffffdd00 rdx=0x0000000000000021
rsi=0x0000000000000000 rdi=0x00007ffff68beb20 rbp=0x00000000000070c8 rsp=0x00007fffffffdcb0
r8=0x00000000006a6360 r9=0x0000000000000000 r10=0x00007ffff68beb78 r11=0x00007ffff68beb30
r12=0x00000000006ca500 r13=0x0bf4ff7f00000000 r14=0x00007ffff68beb20 r15=0x00007ffff68beb78
rip=0x00007ffff65793b5 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 209) - Hash: 6212fa156d59550d8e777ef9a4d2c135.afaaee16254df7485bec56c94af977d6
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000252,sig:06,src:001706,op:havoc,rep:2
SHA1: 0b4b4539a4f797db18da694e481eb0be513b3a30
Classification: UNKNOWN
Hash: 6212fa156d59550d8e777ef9a4d2c135.afaaee16254df7485bec56c94af977d6
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds5_process_optioncmd @ 0x0000000000416d19: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff6528bd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff6528c82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds5_process_optioncmd @ 0x0000000000416d19: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000416d19: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fee000 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000003997 rdi=0x0000000000003997 rbp=0x00000000004861fc rsp=0x00007fffffffd7f8
r8=0xfefefefefefefeff r9=0x0000000000000001 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x0000000000000b44 r13=0x0000000000486210 r14=0x00000000006c5180 r15=0x00000000000000a6
rip=0x00007ffff6530428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 43) - Hash: 8a6efd7a40e904ae89aea74e53ee8682.aee7a1ce0bdd13b7a25b0cd5cec6e005
---CRASH SUMMARY---
Filename: fuzzer4/crashes/id:000371,sig:11,src:001297+000037,op:splice,rep:16
SHA1: b06004de4706ebb9c726b63e4c138f80cf6d1dd0
Classification: PROBABLY_EXPLOITABLE
Hash: 8a6efd7a40e904ae89aea74e53ee8682.aee7a1ce0bdd13b7a25b0cd5cec6e005
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds_process_dyn_result @ 0x0000000000422910: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x00000000004184f0: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000099ab rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c5690 rbp=0x0000000000000000 rsp=0x00007fffffffd8f0
r8=0x00007fffffffd848 r9=0x0000000000000001 r10=0x00000000006b8cd0 r11=0x0000000000000246
r12=0x0000000000695530 r13=0x00000000000000ec r14=0x00000000006c5640 r15=0x00000000006c5640
rip=0x0000000000409c89 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 18) - Hash: 8b1ef298795608eb9eef5fdf45bb4b8c.dce2d62c9c380ca69e1357cc2575ccea
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000088,sig:11,src:000597+000699,op:splice,rep:32
SHA1: 9b3987cffaeb689f1fbfba6cc62615c84c693676
Classification: PROBABLY_EXPLOITABLE
Hash: 8b1ef298795608eb9eef5fdf45bb4b8c.dce2d62c9c380ca69e1357cc2575ccea
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_iconv @ 0x000000000046852f: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (12 entries):
__memcpy_sse2_unaligned @ 0x00007ffff6599c99: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_iconv @ 0x000000000046852f: in /root/freetds/build/src/apps/tsql
tds_convert_stream @ 0x000000000047ccf1: in /root/freetds/build/src/apps/tsql
read_and_convert @ 0x000000000042ec7f: in /root/freetds/build/src/apps/tsql
tds_get_char_data @ 0x000000000042ec7f: in /root/freetds/build/src/apps/tsql
tds_generic_get @ 0x00000000004706a8: in /root/freetds/build/src/apps/tsql
tds_process_nbcrow @ 0x0000000000420bc4: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414315: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007fffffffc7b9 rbx=0x0000000000000067 rcx=0x00000000000000ce rdx=0x0000000000000067
rsi=0x00007fffffffc820 rdi=0x0000000000000000 rbp=0x0000000000695530 rsp=0x00007fffffffc6b8
r8=0x00007fffffffc810 r9=0x00007fffffffc808 r10=0x0000000000004022 r11=0x0000000000000246
r12=0x00007fffffffc800 r13=0x00007fffffffc818 r14=0x00000000006c5370 r15=0x00007fffffffc810
rip=0x00007ffff6599c99 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 1) - Hash: c440f8f6e05ddc77f7df27410548e712.cd70bb6d40451936998b811c27016d63
---CRASH SUMMARY---
Filename: asan/crashes/id:000099,sig:06,src:000637,op:havoc,rep:2
SHA1: b2577f9903d6514cc9c31d348271ad96957c27f4
Classification: UNKNOWN
Hash: c440f8f6e05ddc77f7df27410548e712.cd70bb6d40451936998b811c27016d63
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
tds_swap_numeric @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_numeric_get @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_process_nbcrow @ 0x00000000005147f6: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000502cf1: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe1700 rbx=0x000060804b3c09f9 rcx=0x00000c100967813f rdx=0x00000000014960b0
rsi=0x000000004b3b4ca7 rdi=0x000060800000bd53 rbp=0x00007fffffffd0c0 rsp=0x00007fffffffd0a0
r8=0x00000c107fff97b0 r9=0x00000c107fff97a8 r10=0x00000c107fff97b2 r11=0x00007ffff5d65790
r12=0x000060800000bd53 r13=0x0000000000000021 r14=0x000060800000bd53 r15=0x0000000000823810
rip=0x0000000000520447 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 1) - Hash: b9b0695b6e3615fe8faf8303589101fe.7e0684e61824e31ac32710b617bfd6ec
---CRASH SUMMARY---
Filename: fuzzer4/crashes/id:000416,sig:11,src:000611+000604,op:splice,rep:4
SHA1: 6262405e551f4247374f5c072ab128484ed9cdd3
Classification: EXPLOITABLE
Hash: b9b0695b6e3615fe8faf8303589101fe.7e0684e61824e31ac32710b617bfd6ec
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_variant_get @ 0x000000000046ef6a: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_variant_get @ 0x000000000046ef6a: in /root/freetds/build/src/apps/tsql
tds_process_param_result @ 0x000000000042082c: in /root/freetds/build/src/apps/tsql
tds_process_param_result_ @ 0x0000000000414552: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414552: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00000000ffffffff rbx=0x0000000000fffffe rcx=0x00000000006dc2d4 rdx=0x00000000006c5180
rsi=0x0000000000fffffe rdi=0x00000000006c5180 rbp=0x00000000006c5720 rsp=0x00007fffffffd8e0
r8=0x00007ffff7fe2740 r9=0x0000000000000040 r10=0x0000000000000024 r11=0x0000000000000000
r12=0x00000000006c55c0 r13=0x0000000000000028 r14=0x00000000006c5180 r15=0x0000000000695530
rip=0x000000000046ef6a efl=0x0000000000010296 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on destination operand
Short description: DestAv (8/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control the write address and/or value.
---END SUMMARY---
(1 of 569) - Hash: 11ba1aa7d74b104046a43d4f4d64d52e.c1283b2efc37e2b770ae9cb9cbf9b9e7
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000373,sig:11,src:000544+000665,op:splice,rep:4
SHA1: 7feba0820be07e56a6a2d65ba2834b571b6f1ee1
Classification: PROBABLY_EXPLOITABLE
Hash: 11ba1aa7d74b104046a43d4f4d64d52e.c1283b2efc37e2b770ae9cb9cbf9b9e7
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds5_process_result @ 0x000000000041e91d: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414122: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000099ab rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006dae80 rbp=0x0000000000000000 rsp=0x00007fffffffd940
r8=0x00007fffffffd898 r9=0x0000000000000040 r10=0x00000000006a9020 r11=0x0000000000000000
r12=0x0000000000695530 r13=0x0000000000000008 r14=0x00000000006c5690 r15=0x00000000006c5690
rip=0x0000000000409c89 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 221) - Hash: 51da8d0a846fd3492a8b2d4f50dcf79e.4ad4957dd045a9f41ad8352f484ec356
---CRASH SUMMARY---
Filename: fuzzer3/crashes/id:000177,sig:11,src:001300+000878,op:splice,rep:16
SHA1: 39b22735888be58024dba192c8dccd8aaea8ee29
Classification: PROBABLY_EXPLOITABLE
Hash: 51da8d0a846fd3492a8b2d4f50dcf79e.4ad4957dd045a9f41ad8352f484ec356
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x000000000040a139: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_alloc_row @ 0x000000000040a139: in /root/freetds/build/src/apps/tsql
tds_alloc_compute_row @ 0x000000000040a139: in /root/freetds/build/src/apps/tsql
tds_process_compute_resul @ 0x000000000041c351: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041c351: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x0000000000006cf3 rdx=0x0000000000695930
rsi=0x0000000000483f83 rdi=0x00000000006c55e0 rbp=0x0000000000000000 rsp=0x00007fffffffd920
r8=0x0000000000000000 r9=0x0000000000000040 r10=0x0000000000000024 r11=0x0000000000000000
r12=0x0000000000695530 r13=0x0000000000007d00 r14=0x0000000000007d00 r15=0x00000000006c5790
rip=0x000000000040a139 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 142) - Hash: 4eaf2fb1236ce8784abaddec3d3bac72.98632c0e1dbdb0305a51b1e3f735660f
---CRASH SUMMARY---
Filename: fuzzer6/crashes/id:000326,sig:11,src:002047,op:havoc,rep:4
SHA1: 2f6f197a430842d4de07a0b9d33b053e7703dd16
Classification: PROBABLY_EXPLOITABLE
Hash: 4eaf2fb1236ce8784abaddec3d3bac72.98632c0e1dbdb0305a51b1e3f735660f
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_compute_result @ 0x000000000041a907: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_compute_resul @ 0x000000000041a907: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041a907: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x000000000000002b rcx=0x000000000000007c rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c5180 rbp=0x00000000006c5180 rsp=0x00007fffffffd960
r8=0x00000000006a8a80 r9=0x0000000000000000 r10=0x00000000006a8b40 r11=0x0000000000000286
r12=0x0000000000000000 r13=0x0000000000000001 r14=0x00000000006c5770 r15=0x0000000000695530
rip=0x000000000041a907 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 22) - Hash: 3923de7518edf6f8eab71f412e46befe.c20c70f2d97aabae7be86194ea258061
---CRASH SUMMARY---
Filename: fuzzer2/crashes/id:000259,sig:06,src:001548,op:havoc,rep:64
SHA1: 7a2195c04d163d878cee2e74d05550023fa683d9
Classification: UNKNOWN
Hash: 3923de7518edf6f8eab71f412e46befe.c20c70f2d97aabae7be86194ea258061
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds5_process_optioncmd @ 0x0000000000416d19: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (11 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff6528bd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff6528c82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds5_process_optioncmd @ 0x0000000000416d19: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000416d19: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041829f: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fee000 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000002135 rdi=0x0000000000002135 rbp=0x00000000004861fc rsp=0x00007fffffffd748
r8=0xfefefefefefefeff r9=0x0000000000000001 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x0000000000000b44 r13=0x0000000000486210 r14=0x00000000006c5180 r15=0x00000000000000a6
rip=0x00007ffff6530428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 26) - Hash: 3b2165e4cf421e844a5a2ed411747160.5912f8eb10c56679ae8831b748d7703d
---CRASH SUMMARY---
Filename: asan/crashes/id:000374,sig:06,src:001753,op:havoc,rep:2
SHA1: b7267a33abe3b4f6dbd6909a79b1b9f417bd4975
Classification: PROBABLY_EXPLOITABLE
Hash: 3b2165e4cf421e844a5a2ed411747160.5912f8eb10c56679ae8831b748d7703d
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_col_fmt @ 0x0000000000512dfc: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_col_fmt @ 0x0000000000512dfc: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x00000000005030fb: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x000061400000fc40 rcx=0x00000ffffffffa14 rdx=0x0000000000000000
rsi=0x000061600000f1c1 rdi=0x0000000000000008 rbp=0x00007fffffffd210 rsp=0x00007fffffffd1a0
r8=0x00007ffff7f8de30 r9=0x0000000000000009 r10=0x0000000000000000 r11=0x00007ffff5d65550
r12=0x00000000000000a1 r13=0x000061400000fc40 r14=0x0000000000292be8 r15=0x0000000000823810
rip=0x0000000000512dfc efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 1) - Hash: 24f287b26bc955518906c1af75904fdb.077d703fe9ae86e24dbd2cdeb282feb6
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000047,sig:11,src:000268,op:arith8,pos:273,val:-12
SHA1: d3b696deb237a4beb6f9a00f661e1f69751c1d26
Classification: PROBABLY_EXPLOITABLE
Hash: 24f287b26bc955518906c1af75904fdb.077d703fe9ae86e24dbd2cdeb282feb6
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_params_result_token @ 0x0000000000413988: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_params_result @ 0x0000000000413988: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000413988: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000006a8b50 rdx=0x0000000000695930
rsi=0x00000000006c5670 rdi=0x00000000006c5180 rbp=0x0000000000000000 rsp=0x00007fffffffd9b0
r8=0x00000000006a88e0 r9=0x0000000000000000 r10=0x00000000006daec0 r11=0x0000000000000246
r12=0x0000000000695530 r13=0x0000000000695530 r14=0x00000000006c5180 r15=0x00000000006dae80
rip=0x0000000000413988 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 16) - Hash: 5454759a68783c6ea3eef3c3da81a196.b37e22ded15d4997b9413b0f31c2a30d
---CRASH SUMMARY---
Filename: fuzzer6/crashes/id:000416,sig:11,src:001843+001848,op:splice,rep:16
SHA1: 76954b49048dfc26c84d67523e6a81918fb9536b
Classification: PROBABLY_NOT_EXPLOITABLE
Hash: 5454759a68783c6ea3eef3c3da81a196.b37e22ded15d4997b9413b0f31c2a30d
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_row_free @ 0x0000000000409f5f: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_row_free @ 0x0000000000409f5f: in /root/freetds/build/src/apps/tsql
tds_free_results @ 0x000000000040874e: in /root/freetds/build/src/apps/tsql
tds_free_param_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00000000006a88e0 rbx=0x0000000000000003 rcx=0x000000000000ed01 rdx=0x0000000000695930
rsi=0x00000000006a88e0 rdi=0x00000000006daf40 rbp=0x00000000006db050 rsp=0x00007fffffffdda0
r8=0x00000000006ca4e0 r9=0x0000000000000000 r10=0x00000000006ca4d0 r11=0x0000000000000004
r12=0x0000000000695530 r13=0x0000000000409e30 r14=0xffffffffff957720 r15=0x00000000006daf40
rip=0x0000000000409f5f efl=0x0000000000010283 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on source operand
Short description: SourceAvNearNull (16/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor.
---END SUMMARY---
(1 of 5) - Hash: 18bfe421821b150fe7cf39c797e64527.e7eb4a5492a493904deda91940cc58df
---CRASH SUMMARY---
Filename: asan/crashes/id:000081,sig:06,src:000388+000130,op:splice,rep:16
SHA1: a9d213205ed5cbfab55d9a95baa63231fa15a16f
Classification: UNKNOWN
Hash: 18bfe421821b150fe7cf39c797e64527.e7eb4a5492a493904deda91940cc58df
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_nbcrow @ 0x0000000000514a22: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff5c05428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff5c0702a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff5bfdbd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff5bfdc82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_nbcrow @ 0x0000000000514a22: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000502cf1: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fc8000 rcx=0x00007ffff5c05428 rdx=0x0000000000000006
rsi=0x00000000000002c2 rdi=0x00000000000002c2 rbp=0x00000000005d0240 rsp=0x00007fffffffcfc8
r8=0x0000000000000028 r9=0x0000000000000002 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x0000000000000796 r13=0x00000000005d0340 r14=0x0000000000000000 r15=0x0000000000823810
rip=0x00007ffff5c05428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 1) - Hash: b75151c15bc7e3517b435b37668afb49.91452309f3579d945ff41f07d99fb9e3
---CRASH SUMMARY---
Filename: asan/crashes/id:000323,sig:06,src:001079,op:havoc,rep:2
SHA1: 7fd770fa1edc396a3538524032611d9bd823231d
Classification: UNKNOWN
Hash: b75151c15bc7e3517b435b37668afb49.91452309f3579d945ff41f07d99fb9e3
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
tds_swap_numeric @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_numeric_get @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_process_row @ 0x000000000050898b: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x000000000050898b: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe1700 rbx=0x000060404b3c21b9 rcx=0x00000c0809678437 rdx=0x00000000014960b0
rsi=0x000000004b3b4ca7 rdi=0x000060400000d513 rbp=0x00007fffffffd160 rsp=0x00007fffffffd140
r8=0x0000000000000000 r9=0x000000000000001e r10=0x000000000000000c r11=0x0000000000000000
r12=0x000060400000d513 r13=0x0000000000000020 r14=0x000060400000d513 r15=0x0000000000823810
rip=0x0000000000520447 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 21) - Hash: 176a97ed9b72ed49919ea22830a2bbef.f6b7be08cabc57b879aacf830f1a50e4
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000120,sig:06,src:001121+000949,op:splice,rep:4
SHA1: 0c40ff65d812d5734969deb45524dd705493b93c
Classification: UNKNOWN
Hash: 176a97ed9b72ed49919ea22830a2bbef.f6b7be08cabc57b879aacf830f1a50e4
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_row @ 0x0000000000416d5f: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff6528bd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff6528c82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_row @ 0x0000000000416d5f: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000416d5f: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fee000 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000002101 rdi=0x0000000000002101 rbp=0x00000000004867b7 rsp=0x00007fffffffd7f8
r8=0x00000000006c56a0 r9=0xff00000000000000 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x000000000000077a r13=0x00000000004867ca r14=0x00000000006c5180 r15=0x00000000006c5750
rip=0x00007ffff6530428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 479) - Hash: 67307ae4f25346913cdaad4a2279b866.bcf4d6352a5e62dc598494ae05a12cec
---CRASH SUMMARY---
Filename: fuzzer3/crashes/id:000342,sig:11,src:001032+000535,op:splice,rep:4
SHA1: 3e60c7565bf73e10b62e181fa2e38c2e9d2447dc
Classification: PROBABLY_EXPLOITABLE
Hash: 67307ae4f25346913cdaad4a2279b866.bcf4d6352a5e62dc598494ae05a12cec
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_param_data @ 0x0000000000408f9d: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_alloc_param_data @ 0x0000000000408f9d: in /root/freetds/build/src/apps/tsql
tds_process_param_result @ 0x00000000004207f0: in /root/freetds/build/src/apps/tsql
tds_process_param_result_ @ 0x0000000000414552: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414552: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00000000006c55c0 rcx=0x000000000000c1c9 rdx=0x0000000000695930
rsi=0x00000000006c54b9 rdi=0x00000000006c55c0 rbp=0x00000000000000ac rsp=0x00007fffffffd950
r8=0x00000000006dafc0 r9=0x0000000000000001 r10=0x00007ffff68beb78 r11=0x00007ffff68beb78
r12=0x0000000000695530 r13=0x0000000000695530 r14=0x00000000006c52a0 r15=0x0000000000695530
rip=0x0000000000408f9d efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 60) - Hash: 00893ee80f67d12d2549738e27c85121.d112fd3cc36231ae3b807f860786cc85
---CRASH SUMMARY---
Filename: fuzzer3/crashes/id:000323,sig:11,src:001815+000738,op:splice,rep:8
SHA1: b59723962faf3075ef2df5fbdae5f5ea69d95f03
Classification: PROBABLY_EXPLOITABLE
Hash: 00893ee80f67d12d2549738e27c85121.d112fd3cc36231ae3b807f860786cc85
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_param_data @ 0x0000000000408f9d: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_alloc_param_data @ 0x0000000000408f9d: in /root/freetds/build/src/apps/tsql
tds_process_param_result @ 0x00000000004207f0: in /root/freetds/build/src/apps/tsql
tds_process_param_result_ @ 0x000000000041a042: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041a042: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00000000006c5610 rcx=0x000000000000c1c9 rdx=0x0000000000695930
rsi=0x00000000006c5411 rdi=0x00000000006c5610 rbp=0x0000000000000000 rsp=0x00007fffffffd900
r8=0x00007fffffffd848 r9=0x0000000000000000 r10=0x00000000006a89a0 r11=0x0000000000000286
r12=0x0000000000695530 r13=0x00000000000000ac r14=0x00000000006c52a0 r15=0x0000000000695530
rip=0x0000000000408f9d efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 1) - Hash: 22e55b6658e7aca376de2fedae65f90c.4503710631e52a71d44c41c19a89494d
---CRASH SUMMARY---
Filename: asan/crashes/id:000317,sig:06,src:001296+001717,op:splice,rep:4
SHA1: b6a84304fb40fb75d9ccb7f67bbb038db0348058
Classification: PROBABLY_EXPLOITABLE
Hash: 22e55b6658e7aca376de2fedae65f90c.4503710631e52a71d44c41c19a89494d
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds_process_dyn_result @ 0x0000000000517ec8: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000502cbb: in /root/aflasan/build/src/apps/tsql
tds_process_info @ 0x00000000005155e2: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x00000000005024e9: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000000 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x0000000000000000 rdi=0x000060f00000ed70 rbp=0x00007fffffffcf50 rsp=0x00007fffffffcf10
r8=0x00000ffffffff980 r9=0x000000000000000d r10=0x000060b00000adb4 r11=0x00007ffff5d65550
r12=0x000000000000cbd2 r13=0x000000000000cbd2 r14=0x0000000000000000 r15=0x00000c0c00001cd8
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 4) - Hash: 4c8ec657368c2aa4471bf4fef7790f38.8daf40712fdd6f7b5f4a07e4db80b910
---CRASH SUMMARY---
Filename: asan/crashes/id:000137,sig:06,src:000970+000684,op:splice,rep:2
SHA1: 5d6b6e5400dbcc3804723f53ec7ba93648c57ae9
Classification: UNKNOWN
Hash: 4c8ec657368c2aa4471bf4fef7790f38.8daf40712fdd6f7b5f4a07e4db80b910
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds5_process_optioncmd @ 0x0000000000505fc4: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (11 entries):
__GI_raise @ 0x00007ffff5c05428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff5c0702a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff5bfdbd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff5bfdc82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds5_process_optioncmd @ 0x0000000000505fc4: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000505fc4: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x00000000005074b4: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fc8000 rcx=0x00007ffff5c05428 rdx=0x0000000000000006
rsi=0x0000000000005708 rdi=0x0000000000005708 rbp=0x00000000005cf320 rsp=0x00007fffffffcf08
r8=0x0000000000000028 r9=0x0000000000000002 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x0000000000000b44 r13=0x00000000005cf360 r14=0x0000000000292be8 r15=0x0000000000823810
rip=0x00007ffff5c05428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 2) - Hash: 915fc46ede10feeb7a9374c1e8ef9ebf.417ea2244b849204fb26be5d0d79bd99
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000213,sig:11,src:001475+000707,op:splice,rep:16
SHA1: 8e0c45c15f66c6e63bc614dfedffc025dc1f0526
Classification: PROBABLY_EXPLOITABLE
Hash: 915fc46ede10feeb7a9374c1e8ef9ebf.417ea2244b849204fb26be5d0d79bd99
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_nbcrow @ 0x0000000000420bc1: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_nbcrow @ 0x0000000000420bc1: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000419e64: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000091e9 rdx=0x0000000000695930
rsi=0x00000000006c5630 rdi=0x00000000006c5180 rbp=0x00007fffffffd950 rsp=0x00007fffffffd910
r8=0x00000000006a88e0 r9=0x0000000000000000 r10=0x00000000006a8c10 r11=0x00007ffff68beb78
r12=0x0000000000695530 r13=0x00007fffffffd910 r14=0x00000000006c55e0 r15=0x00000000006c5630
rip=0x0000000000420bc1 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 5) - Hash: a6a7a11fd18b048a936fd84154a856c5.e19450d88769e49b755b9b8e550e4481
---CRASH SUMMARY---
Filename: asan/crashes/id:000087,sig:06,src:000510+000264,op:splice,rep:4
SHA1: 5e3a05563e4029e0b890717f9afba821babc40b3
Classification: UNKNOWN
Hash: a6a7a11fd18b048a936fd84154a856c5.e19450d88769e49b755b9b8e550e4481
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_row @ 0x000000000050601d: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff5c05428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff5c0702a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff5bfdbd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff5bfdc82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_row @ 0x000000000050601d: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x000000000050601d: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fc8000 rcx=0x00007ffff5c05428 rdx=0x0000000000000006
rsi=0x00000000000028a5 rdi=0x00000000000028a5 rbp=0x00000000005d0240 rsp=0x00007fffffffd068
r8=0x0000000000000028 r9=0x0000000000000002 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x000000000000077a r13=0x00000000005d0280 r14=0x000061400000fc40 r15=0x0000000000823810
rip=0x00007ffff5c05428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 1) - Hash: 8b1ef298795608eb9eef5fdf45bb4b8c.4ab9ab625c63fefd8a92d4f3ac191a80
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000135,sig:11,src:001098+000890,op:splice,rep:4
SHA1: 7d7da3853ee75bb4771328b55cfecbe80cb6a077
Classification: PROBABLY_EXPLOITABLE
Hash: 8b1ef298795608eb9eef5fdf45bb4b8c.4ab9ab625c63fefd8a92d4f3ac191a80
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_iconv @ 0x000000000046852f: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (12 entries):
__memcpy_sse2_unaligned @ 0x00007ffff6599c99: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_iconv @ 0x000000000046852f: in /root/freetds/build/src/apps/tsql
tds_convert_stream @ 0x000000000047ccf1: in /root/freetds/build/src/apps/tsql
read_and_convert @ 0x000000000042ec7f: in /root/freetds/build/src/apps/tsql
tds_get_char_data @ 0x000000000042ec7f: in /root/freetds/build/src/apps/tsql
tds_generic_get @ 0x00000000004706a8: in /root/freetds/build/src/apps/tsql
tds_process_row @ 0x00000000004142ad: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x00000000004142ad: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007fffffffb870 rbx=0x0000000000001000 rcx=0x0000000000002000 rdx=0x0000000000001000
rsi=0x00007fffffffc870 rdi=0x0000000000000000 rbp=0x0000000000695530 rsp=0x00007fffffffc708
r8=0x00007fffffffc860 r9=0x00007fffffffc858 r10=0x0000000000000016 r11=0x0000000000000000
r12=0x00007fffffffc850 r13=0x00007fffffffc868 r14=0x00000000006c5370 r15=0x00007fffffffc860
rip=0x00007ffff6599c99 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 2) - Hash: 424d4432b9560bac881b4d391273dce7.d87668dbe7865c80a670bb3724cb11da
---CRASH SUMMARY---
Filename: asan/crashes/id:000202,sig:06,src:000384+000993,op:splice,rep:16
SHA1: f6ed5f5e9b561d8c3559d7037df8dbf87b136b49
Classification: UNKNOWN
Hash: 424d4432b9560bac881b4d391273dce7.d87668dbe7865c80a670bb3724cb11da
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
tds_swap_numeric @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_numeric_get @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_process_row @ 0x0000000000502eb2: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000502eb2: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe1700 rbx=0x000060804b3c09f9 rcx=0x00000c100967813f rdx=0x00000000014960b0
rsi=0x000000004b3b4ca7 rdi=0x000060800000bd53 rbp=0x00007fffffffd1c0 rsp=0x00007fffffffd1a0
r8=0x00000c107fff97b0 r9=0x00000c107fff97a8 r10=0x00000c107fff97b1 r11=0x00007ffff5d65790
r12=0x000060800000bd53 r13=0x0000000000000007 r14=0x000060800000bd53 r15=0x0000000000823810
rip=0x0000000000520447 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 1) - Hash: b18e7e58272a2233a2f1ace23c634d88.7669a0d1dc716f8b1881459eeaf0fc7e
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000427,sig:06,src:001159+001971,op:splice,rep:4
SHA1: bd720d0908b5cccd981479a39073b20e4730793f
Classification: EXPLOITABLE
Hash: b18e7e58272a2233a2f1ace23c634d88.7669a0d1dc716f8b1881459eeaf0fc7e
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_row_free @ 0x000000000040a042: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (11 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__libc_message @ 0x00007ffff65727ea: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
malloc_printerr @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_row_free @ 0x000000000040a042: in /root/freetds/build/src/apps/tsql
tds_free_results @ 0x000000000040874e: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a5d5: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x000000000000006c rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000002017 rdi=0x0000000000002017 rbp=0x00007fffffffdca0 rsp=0x00007fffffffd908
r8=0x0000000000000007 r9=0x0000000000000000 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x000000000000006c r13=0x00007fffffffdab8 r14=0x00007fffffffdab8 r15=0x0000000000000002
rip=0x00007ffff6530428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Heap error
Short description: HeapError (10/22)
Explanation: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free(), etc. Since heap errors might include buffer overflows, use-after-free situations, etc. they are generally considered exploitable.
---END SUMMARY---
(1 of 1) - Hash: 116beb47c3143da996220e3952859b24.99ef657aec5c388175fae6f3f142ca52
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000376,sig:06,src:001821,op:havoc,rep:4
SHA1: aef351434f74d216ea181540b871600495ebffed
Classification: EXPLOITABLE
Hash: 116beb47c3143da996220e3952859b24.99ef657aec5c388175fae6f3f142ca52
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
_iconv_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (16 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__libc_message @ 0x00007ffff65727ea: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
malloc_printerr @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657ae0a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__gconv_close @ 0x00007ffff651c9d6: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
iconv_close @ 0x00007ffff651c20f: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_iconv_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_iconv_info_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_iconv_close @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_iconv_free @ 0x00000000004679bc: in /root/freetds/build/src/apps/tsql
tds_deinit_connection @ 0x000000000040cc5c: in /root/freetds/build/src/apps/tsql
tds_connection_remove_soc @ 0x000000000040cc5c: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040cc5c: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x000000000000006c rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000003257 rdi=0x0000000000003257 rbp=0x00007fffffffdce0 rsp=0x00007fffffffd948
r8=0x0000000000000005 r9=0x0000000000000000 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x000000000000006c r13=0x00007fffffffdaf8 r14=0x00007fffffffdaf8 r15=0x0000000000000002
rip=0x00007ffff6530428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Heap error
Short description: HeapError (10/22)
Explanation: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free(), etc. Since heap errors might include buffer overflows, use-after-free situations, etc. they are generally considered exploitable.
---END SUMMARY---
(1 of 1) - Hash: a05784f2661b8205514bae06f6471eb7.1246cc3a44d45572e7c5c2b33ec8cc71
---CRASH SUMMARY---
Filename: asan/crashes/id:000183,sig:06,src:001174,op:havoc,rep:4
SHA1: 4ebc7eecd824255a8e7d4d4b52346bec2bb5d17c
Classification: UNKNOWN
Hash: a05784f2661b8205514bae06f6471eb7.1246cc3a44d45572e7c5c2b33ec8cc71
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_row @ 0x000000000050e7d3: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff5c05428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff5c0702a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff5bfdbd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff5bfdc82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_row @ 0x000000000050e7d3: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x000000000050e7d3: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fc8000 rcx=0x00007ffff5c05428 rdx=0x0000000000000006
rsi=0x0000000000000e7e rdi=0x0000000000000e7e rbp=0x00000000005d0240 rsp=0x00007fffffffd008
r8=0x0000000000000028 r9=0x0000000000000002 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x000000000000077a r13=0x00000000005d0280 r14=0x000060600000e660 r15=0x0000000000823810
rip=0x00007ffff5c05428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 1) - Hash: 8b1ef298795608eb9eef5fdf45bb4b8c.c5d8ab7ad62c65dcbf5ad79343f33f72
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000102,sig:11,src:000965+000599,op:splice,rep:2
SHA1: 2565ffd609ba65a760c5f33cfb3d237018597804
Classification: PROBABLY_EXPLOITABLE
Hash: 8b1ef298795608eb9eef5fdf45bb4b8c.c5d8ab7ad62c65dcbf5ad79343f33f72
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_iconv @ 0x000000000046852f: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (12 entries):
__memcpy_sse2_unaligned @ 0x00007ffff6599c99: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_iconv @ 0x000000000046852f: in /root/freetds/build/src/apps/tsql
tds_convert_stream @ 0x000000000047ccf1: in /root/freetds/build/src/apps/tsql
read_and_convert @ 0x000000000042ec7f: in /root/freetds/build/src/apps/tsql
tds_get_char_data @ 0x000000000042ec7f: in /root/freetds/build/src/apps/tsql
tds_generic_get @ 0x00000000004706a8: in /root/freetds/build/src/apps/tsql
tds_process_params_result @ 0x000000000041398b: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x000000000041398b: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007fffffffb870 rbx=0x0000000000001000 rcx=0x0000000000002000 rdx=0x0000000000001000
rsi=0x00007fffffffc870 rdi=0x0000000000000000 rbp=0x0000000000695530 rsp=0x00007fffffffc708
r8=0x00007fffffffc860 r9=0x00007fffffffc858 r10=0x0000000000000016 r11=0x0000000000000000
r12=0x00007fffffffc850 r13=0x00007fffffffc868 r14=0x00000000006c5370 r15=0x00007fffffffc860
rip=0x00007ffff6599c99 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 6) - Hash: dbb14d629ff1b88b9eac4c6d5745510e.e19c8031527269d1b88deb36696fb4c5
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000377,sig:11,src:000685+002147,op:splice,rep:32
SHA1: 677a2a9d5fce6bf39a90fab80f0781ab1e48713e
Classification: PROBABLY_EXPLOITABLE
Hash: dbb14d629ff1b88b9eac4c6d5745510e.e19c8031527269d1b88deb36696fb4c5
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
_dl_fini @ 0x00007ffff7de79b9: in /lib/x86_64-linux-gnu/ld-2.23.so
Disassembly:
Stack Head (4 entries):
_dl_fini @ 0x00007ffff7de79b9: in /lib/x86_64-linux-gnu/ld-2.23.so
__run_exit_handlers @ 0x00007ffff6534ff8: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_exit @ 0x00007ffff6535045: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
main @ 0x00000000004070bd: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00000000000040a5 rbx=0x0000000000000001 rcx=0x000000000000001f rdx=0x000000000000001e
rsi=0x000000000000001d rdi=0x00007fffffffdcb0 rbp=0x00007fffffffde40 rsp=0x00007fffffffdcb0
r8=0x00007ffff7ffd948 r9=0x00007ffff68bf540 r10=0x0000000000000080 r11=0x00007ffff6535030
r12=0x00007ffff7ffd048 r13=0x00007ffff68bfc40 r14=0x0000000000000001 r15=0x00000000006c57f0
rip=0x00007ffff7de79b9 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 6) - Hash: 1b2279e7f2df552dc22c59b780fa33d8.b009d9ecc17fdca72e59cf878b37e2fd
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000075,sig:11,src:000640,op:havoc,rep:8
SHA1: 219abc687498f10f077e9356635b27e8e1a1311f
Classification: UNKNOWN
Hash: 1b2279e7f2df552dc22c59b780fa33d8.b009d9ecc17fdca72e59cf878b37e2fd
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
tds_swap_numeric @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_numeric_get @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_process_param_result @ 0x000000000042082c: in /root/freetds/build/src/apps/tsql
tds_process_param_result_ @ 0x0000000000414552: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414552: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006c5724 rcx=0x0000000000008c09 rdx=0x0000000000695930
rsi=0x00000000a83411e8 rdi=0x00000000006c5723 rbp=0xffffffffa8a0690a rsp=0x00007fffffffd910
r8=0x00000000006c56a0 r9=0x0000000000000001 r10=0x00000000006c5710 r11=0x0000000000000246
r12=0x0000000000000012 r13=0x0000000000695530 r14=0x00000000a83411e8 r15=0x0000000000695530
rip=0x0000000000428786 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 5) - Hash: dcf3a9b388fca4fb1a295a4680d07e16.45a19d342cea73062312fd6132ba1bf9
---CRASH SUMMARY---
Filename: fuzzer3/crashes/id:000451,sig:11,src:001795+001972,op:splice,rep:8
SHA1: f57a225c25fdbe32337c1930328879238036bf76
Classification: UNKNOWN
Hash: dcf3a9b388fca4fb1a295a4680d07e16.45a19d342cea73062312fd6132ba1bf9
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_free_results @ 0x0000000000408550: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
__GI___libc_free @ 0x00007ffff657e962: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_free_results @ 0x0000000000408550: in /root/freetds/build/src/apps/tsql
tds_free_param_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_all_results @ 0x000000000040a685: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c84b: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x6e75006c69626e73 rcx=0x0000000000002571 rdx=0x0000000000695930
rsi=0x0000000000000003 rdi=0x6e75006c69626e73 rbp=0x0000000000000000 rsp=0x00007fffffffdda0
r8=0x00000000006a8b50 r9=0x0000000000000000 r10=0x000000000000003c r11=0x0000000000000000
r12=0x0000000000695530 r13=0x0000000000000000 r14=0x00000000006dae80 r15=0x00000000006c5610
rip=0x00007ffff657e962 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 74) - Hash: cdc8b99120b9e53da1a096d5db01eab6.96e5abc7e65c4ce40dea4b75ba918c2d
---CRASH SUMMARY---
Filename: asan/crashes/id:000070,sig:06,src:000242+000546,op:splice,rep:64
SHA1: 1a70167b2e9da9ccd56d0be465384848fd4ca453
Classification: PROBABLY_EXPLOITABLE
Hash: cdc8b99120b9e53da1a096d5db01eab6.96e5abc7e65c4ce40dea4b75ba918c2d
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds7_process_result @ 0x000000000050f411: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x00000000005034bd: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000028 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x00000000000000bf rdi=0x000060f00000ec80 rbp=0x00007fffffffd1a0 rsp=0x00007fffffffd160
r8=0x00007ffff7f8ccd8 r9=0x0000000000000002 r10=0x0000000000000000 r11=0x0000000000000002
r12=0x0000000000000002 r13=0x0000000000000003 r14=0x0000000000000008 r15=0x00000c0c00001cd8
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 6) - Hash: d77fab504024c2fe10176a65d260b9d8.fb9dc9d9d1f8aa20e34e93ca9bcba4b2
---CRASH SUMMARY---
Filename: asan/crashes/id:000148,sig:06,src:001030,op:havoc,rep:8
SHA1: acc88c1aab7d50df7f81c32a319be7d6026e1c2e
Classification: PROBABLY_EXPLOITABLE
Hash: d77fab504024c2fe10176a65d260b9d8.fb9dc9d9d1f8aa20e34e93ca9bcba4b2
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds_process_dyn_result @ 0x0000000000517ec8: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x000000000050754f: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000000 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x0000000000000000 rdi=0x000060f00000eaa0 rbp=0x00007fffffffd170 rsp=0x00007fffffffd130
r8=0x00000ffffffff9c4 r9=0x000000000000000a r10=0x000060b00000adb4 r11=0x00007ffff5d65550
r12=0x000000000000ecec r13=0x000000000000ecec r14=0x0000000000000000 r15=0x00000c0c00001ccc
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 7) - Hash: 982a5aae2eb27bd502d3172d11fc31a4.56e7f53b9a67d0b540cbf7412cee942b
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000199,sig:06,src:001508,op:havoc,rep:8
SHA1: 6c4b9bcd26cc88d4157e28c8b43961dadc8bd39d
Classification: UNKNOWN
Hash: 982a5aae2eb27bd502d3172d11fc31a4.56e7f53b9a67d0b540cbf7412cee942b
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_nbcrow @ 0x0000000000420c9d: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff6528bd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff6528c82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_process_nbcrow @ 0x0000000000420c9d: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000419e64: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fee000 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000002dda rdi=0x0000000000002dda rbp=0x00000000004867b7 rsp=0x00007fffffffd768
r8=0xfefefefefefefeff r9=0x0000000000000001 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x0000000000000796 r13=0x0000000000486815 r14=0x00000000006c5770 r15=0x00000000ffffffff
rip=0x00007ffff6530428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 37) - Hash: 93e2d5ed247b8888a056d85ce772e46b.07f9a71f68d63aac81f356f9ab56be20
---CRASH SUMMARY---
Filename: fuzzer4/crashes/id:000208,sig:11,src:001451,op:havoc,rep:4
SHA1: 729037427d2327e8a08be7ac33e9b4666034dfd2
Classification: PROBABLY_EXPLOITABLE
Hash: 93e2d5ed247b8888a056d85ce772e46b.07f9a71f68d63aac81f356f9ab56be20
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_col_fmt @ 0x000000000041f863: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_col_fmt @ 0x000000000041f863: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041898d: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x000000000000a1a1 rbx=0x0000000000000000 rcx=0x000000000000a0b2 rdx=0x0000000000695930
rsi=0x00000000006c54dc rdi=0x00007fffffffd8d6 rbp=0x0000000000000000 rsp=0x00007fffffffd910
r8=0x00000000006a8c20 r9=0x0000000000000001 r10=0x00000000006a8c10 r11=0x0000000000000004
r12=0x0000000000695530 r13=0x00000000006c5180 r14=0x00007fffffffdad0 r15=0x00000000006c5180
rip=0x000000000041f863 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 11) - Hash: 57e4e6375e0d6dabdc40a77af6375171.67e88255a5ce92de63e7c3398bf6276f
---CRASH SUMMARY---
Filename: fuzzer8/crashes/id:000096,sig:11,src:000821,op:havoc,rep:4
SHA1: d31353a0d9c98dac2b966eae0a6d5ae0b679ee9d
Classification: UNKNOWN
Hash: 57e4e6375e0d6dabdc40a77af6375171.67e88255a5ce92de63e7c3398bf6276f
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
tds_swap_numeric @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_numeric_get @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_process_nbcrow @ 0x0000000000420bc4: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x0000000000414315: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006c5794 rcx=0x0000000000008c09 rdx=0x0000000000695930
rsi=0x00000000a83411e8 rdi=0x00000000006c5793 rbp=0xffffffffa8a0697a rsp=0x00007fffffffd8f0
r8=0x00000000006c5790 r9=0x0000000000000001 r10=0x00000000006c5780 r11=0x0000000000000246
r12=0x0000000000000002 r13=0x0000000000695530 r14=0x00000000a83411e8 r15=0x0000000000695530
rip=0x0000000000428786 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 53) - Hash: dc1522a652178ed155522caceda4201a.3843ee6fa1a843fd1961964bcfc39c4d
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000376,sig:11,src:002181,op:havoc,rep:2
SHA1: d7f8e5af68b8caad91c114ba89344a8d84ee6e09
Classification: PROBABLY_EXPLOITABLE
Hash: dc1522a652178ed155522caceda4201a.3843ee6fa1a843fd1961964bcfc39c4d
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x0000000000409c89: in /root/freetds/build/src/apps/tsql
tds5_process_result @ 0x000000000041e91d: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x000000000041856b: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000000 rcx=0x00000000000099ab rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c55e0 rbp=0x0000000000000000 rsp=0x00007fffffffd8f0
r8=0x00007fffffffd848 r9=0x0000000000000000 r10=0x00007ffff68beb88 r11=0x0000000000000001
r12=0x0000000000695530 r13=0x000000000000e7e7 r14=0x00000000006c5770 r15=0x00000000006c5770
rip=0x0000000000409c89 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 43) - Hash: 970ac4ad0b228ded3ab4de1c562ed3b8.45f4a17ff060d62437b16eeb546a9e94
---CRASH SUMMARY---
Filename: asan/crashes/id:000117,sig:06,src:000005,op:havoc,rep:2
SHA1: 6a81d45886796214750983ede5040c66979d5752
Classification: PROBABLY_EXPLOITABLE
Hash: 970ac4ad0b228ded3ab4de1c562ed3b8.45f4a17ff060d62437b16eeb546a9e94
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (7 entries):
tds_alloc_row @ 0x00000000004f55db: in /root/aflasan/build/src/apps/tsql
tds_process_dyn_result @ 0x0000000000517ec8: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000502cbb: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x0000000000000000 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x0000000000000000 rdi=0x000060f00000ec80 rbp=0x00007fffffffd1d0 rsp=0x00007fffffffd190
r8=0x00000ffffffff9d0 r9=0x000000000000000b r10=0x000060b00000adb4 r11=0x00007ffff5d65550
r12=0x0000000000000073 r13=0x0000000000000073 r14=0x0000000000000000 r15=0x00000c0c00001cc0
rip=0x00000000004f55db efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 92) - Hash: bce772090554bd5a9f47fd562a44b029.bce772090554bd5a9f47fd562a44b029
---CRASH SUMMARY---
Filename: fuzzer7/crashes/id:000167,sig:11,src:001356+001328,op:splice,rep:8
SHA1: ab15cc18ef06fbc98e935f47f3b32652f229f42e
Classification: PROBABLY_NOT_EXPLOITABLE
Hash: bce772090554bd5a9f47fd562a44b029.bce772090554bd5a9f47fd562a44b029
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_set_spid @ 0x000000000042b118: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (4 entries):
tds_set_spid @ 0x000000000042b118: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b118: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00000000006c5180 rbx=0x00000000006c5180 rcx=0x0000000000008042 rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c52f0 rbp=0x0000000000000000 rsp=0x00007fffffffda90
r8=0x0000000000000000 r9=0x0000000000000000 r10=0x00000000006a8a70 r11=0x0000000000000286
r12=0x0000000000695530 r13=0x00007fffffffde34 r14=0x0000000000000001 r15=0x00007fffffffdad0
rip=0x000000000042b118 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on source operand
Short description: SourceAvNearNull (16/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor.
---END SUMMARY---
(1 of 1) - Hash: f7e60a8d54ba248b67f4b66570dc6942.c871797b8dd1f57e6241eda0e6c2ff3e
---CRASH SUMMARY---
Filename: asan/crashes/id:000123,sig:06,src:000083,op:havoc,rep:2
SHA1: c41a666b35e8e4d2241d8d34d794a4afe0fafab0
Classification: EXPLOITABLE
Hash: f7e60a8d54ba248b67f4b66570dc6942.c871797b8dd1f57e6241eda0e6c2ff3e
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_variant_get @ 0x000000000058f6ec: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_variant_get @ 0x000000000058f6ec: in /root/aflasan/build/src/apps/tsql
tds_process_param_result @ 0x00000000005141b4: in /root/aflasan/build/src/apps/tsql
tds_process_param_result_ @ 0x00000000005033c1: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x00000000005033c1: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x00000c2c20001e00 rbx=0x00007fffffffd0e0 rcx=0x00000c2800001fa0 rdx=0x000061400000fc40
rsi=0x0000000000823810 rdi=0x000061610000f093 rbp=0x00007fffffffd1d0 rsp=0x00007fffffffd020
r8=0x000060f00000edb8 r9=0x000000000000001e r10=0x000000000000000e r11=0x0000000000000000
r12=0x00000000000bc7ad r13=0x0000000000823810 r14=0x00000000200064fe r15=0x0000000000823810
rip=0x000000000058f6ec efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on destination operand
Short description: DestAv (8/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control the write address and/or value.
---END SUMMARY---
(1 of 14) - Hash: 030359cc9d23d8a9d05d763d4c4465c1.930781306a86fa87c3896599e3879794
---CRASH SUMMARY---
Filename: fuzzer6/crashes/id:000088,sig:11,src:000759+000054,op:splice,rep:4
SHA1: cdb3fc27b078b10ac28e7f2264daa07eae94424b
Classification: UNKNOWN
Hash: 030359cc9d23d8a9d05d763d4c4465c1.930781306a86fa87c3896599e3879794
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
tds_swap_numeric @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_numeric_get @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_process_row @ 0x00000000004142ad: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x00000000004142ad: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006ca4e4 rcx=0x0000000000008c09 rdx=0x0000000000695930
rsi=0x00000000a83411e8 rdi=0x00000000006ca4e3 rbp=0xffffffffa8a0b6ca rsp=0x00007fffffffd940
r8=0x00000000006ca4e0 r9=0x0000000000000001 r10=0x00000000006ca4d0 r11=0x0000000000000000
r12=0x0000000000000001 r13=0x0000000000695530 r14=0x00000000a83411e8 r15=0x0000000000695530
rip=0x0000000000428786 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 1) - Hash: 9ef9a23e6d8c1fdde39175c2bdd7dde1.f6afad4388ddaa9d70e378c44626e5f3
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000346,sig:06,src:001483,op:arith8,pos:281,val:-33
SHA1: 6c0e259ecb1cf5e4dc4cf74194ca0586f966f152
Classification: EXPLOITABLE
Hash: 9ef9a23e6d8c1fdde39175c2bdd7dde1.f6afad4388ddaa9d70e378c44626e5f3
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
None @ 0x00007ffff512e22a: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
Disassembly:
Stack Head (13 entries):
__GI_raise @ 0x00007ffff6530428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff653202a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__libc_message @ 0x00007ffff65727ea: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
malloc_printerr @ 0x00007ffff657b477: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_free @ 0x00007ffff657b477: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_free @ 0x00007ffff657e98c: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
None @ 0x00007ffff512e22a: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
asn1_delete_structure2 @ 0x00007ffff512f418: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
None @ 0x00007ffff720e27c: in /usr/lib/x86_64-linux-gnu/libgnutls.so.30.6.2
_dl_fini @ 0x00007ffff7de7c17: in /lib/x86_64-linux-gnu/ld-2.23.so
__run_exit_handlers @ 0x00007ffff6534ff8: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_exit @ 0x00007ffff6535045: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
main @ 0x00000000004070bd: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x0000000000000067 rcx=0x00007ffff6530428 rdx=0x0000000000000006
rsi=0x0000000000003221 rdi=0x0000000000003221 rbp=0x00007fffffffdb30 rsp=0x00007fffffffd798
r8=0x0000000000000004 r9=0x0000000000000000 r10=0x0000000000000008 r11=0x0000000000000206
r12=0x0000000000000067 r13=0x00007fffffffd948 r14=0x00007fffffffd948 r15=0x0000000000000002
rip=0x00007ffff6530428 efl=0x0000000000000206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Heap error
Short description: HeapError (10/22)
Explanation: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free(), etc. Since heap errors might include buffer overflows, use-after-free situations, etc. they are generally considered exploitable.
---END SUMMARY---
(1 of 1) - Hash: 1343010df97d24da187b07982b78544f.1343010df97d24da187b07982b78544f
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000385,sig:11,src:001781,op:havoc,rep:8
SHA1: 171dffc4d702764ea3a28ca140b2f3508ae557fe
Classification: UNKNOWN
Hash: 1343010df97d24da187b07982b78544f.1343010df97d24da187b07982b78544f
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_detach_results @ 0x000000000040c809: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (3 entries):
tds_detach_results @ 0x000000000040c809: in /root/freetds/build/src/apps/tsql
tds_free_socket @ 0x000000000040c809: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000407083: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006c5770 rcx=0x000000000000e6d9 rdx=0x0000000000695930
rsi=0x0000000000000000 rdi=0x00000000006c52a8 rbp=0x00000000006c5180 rsp=0x00007fffffffde50
r8=0x00007ffff7fe2740 r9=0x000000000000003d r10=0x0000000000000021 r11=0x0000000000000000
r12=0xfffffffffffffffc r13=0x0000000000695530 r14=0x005b676c00000000 r15=0x00000000006c57f0
rip=0x000000000040c809 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation
Short description: AccessViolation (21/22)
Explanation: The target crashed due to an access violation but there is not enough additional information available to determine exploitability.
---END SUMMARY---
(1 of 213) - Hash: f05c7e02a5bb4bdf28e3c042768a434b.ab3bd6fc8dbbbf831475065ce02324f4
---CRASH SUMMARY---
Filename: fuzzer5/crashes/id:000127,sig:11,src:001064+000039,op:splice,rep:2
SHA1: b3e568866b5139532dac0f7725b63e58e677dbdb
Classification: PROBABLY_EXPLOITABLE
Hash: f05c7e02a5bb4bdf28e3c042768a434b.ab3bd6fc8dbbbf831475065ce02324f4
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_process_col_fmt @ 0x000000000041f863: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (6 entries):
tds_process_col_fmt @ 0x000000000041f863: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x000000000041434b: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x000000000000a1a1 rbx=0x0000000000000000 rcx=0x000000000000a0b2 rdx=0x0000000000695930
rsi=0x00000000006c54ce rdi=0x00007fffffffd926 rbp=0x00000000000000a1 rsp=0x00007fffffffd960
r8=0x00000000006a9030 r9=0x0000000000000000 r10=0x0000000000000027 r11=0x0000000000000000
r12=0x0000000000695530 r13=0x00000000006c5180 r14=0x00000000006c5180 r15=0x00000000000000a1
rip=0x000000000041f863 efl=0x0000000000010206 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (15/22)
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 8) - Hash: 28bb6ff0e3a3054c8ac32e012588aa73.0410cb781e75cd8e47d79a3165e867d4
---CRASH SUMMARY---
Filename: fuzzer1/crashes/id:000203,sig:11,src:000726,op:int8,pos:26,val:+1
SHA1: f88e7b74a92cd8a40c11c7edfa60321ddd17ceac
Classification: UNKNOWN
Hash: 28bb6ff0e3a3054c8ac32e012588aa73.0410cb781e75cd8e47d79a3165e867d4
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
tds_swap_numeric @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_numeric_get @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_process_params_result @ 0x000000000041398b: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x000000000041398b: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006ca4e4 rcx=0x0000000000008c09 rdx=0x0000000000695930
rsi=0x00000000a83411e8 rdi=0x00000000006ca4e3 rbp=0xffffffffa8a0b6ca rsp=0x00007fffffffd940
r8=0x00000000006ca4e0 r9=0x0000000000000001 r10=0x00000000006ca4d0 r11=0x0000000000000000
r12=0x0000000000000001 r13=0x0000000000695530 r14=0x00000000a83411e8 r15=0x0000000000695530
rip=0x0000000000428786 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 10) - Hash: 0dfc4b41bcf76be648899ec8fbda1cbc.a6e14e17892ffabcac591a5382e8d1c9
---CRASH SUMMARY---
Filename: asan/crashes/id:000145,sig:06,src:001015+000127,op:splice,rep:4
SHA1: bc3b4bd9fdb68c236af807627268fdadd7c2e53c
Classification: PROBABLY_EXPLOITABLE
Hash: 0dfc4b41bcf76be648899ec8fbda1cbc.a6e14e17892ffabcac591a5382e8d1c9
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_alloc_param_data @ 0x00000000004f4141: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (8 entries):
tds_alloc_param_data @ 0x00000000004f4141: in /root/aflasan/build/src/apps/tsql
tds_process_param_result @ 0x0000000000514147: in /root/aflasan/build/src/apps/tsql
tds_process_param_result_ @ 0x0000000000509662: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x0000000000509662: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000002 rbx=0x000060f00000ed70 rcx=0x0000000000000010 rdx=0x00000000014960b0
rsi=0x000061600000f0f7 rdi=0x000060f00000ed70 rbp=0x00007fffffffd170 rsp=0x00007fffffffd140
r8=0x00000ffffffff9c4 r9=0x0000000000000050 r10=0x000060b00000adb4 r11=0x00007ffff5d65550
r12=0x0000000000292be8 r13=0x000060f00000ed70 r14=0x000061400000fd60 r15=0x000061400000fc40
rip=0x00000000004f4141 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL during branch instruction
Short description: BranchAvNearNull (13/22)
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted. However, there is a chance it could be a NULL dereference.
---END SUMMARY---
(1 of 1) - Hash: 912763729dc911d93e600b90c5aa7a2c.2360a232f570d6aedd8c5026208a94ff
---CRASH SUMMARY---
Filename: asan/crashes/id:000167,sig:06,src:001136,op:havoc,rep:2
SHA1: 8815ab0bdca49657f14fe2e55ea5cd484092cf5e
Classification: UNKNOWN
Hash: 912763729dc911d93e600b90c5aa7a2c.2360a232f570d6aedd8c5026208a94ff
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000520447: in /root/aflasan/build/src/apps/tsql
tds_swap_numeric @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_numeric_get @ 0x0000000000594dd2: in /root/aflasan/build/src/apps/tsql
tds_process_params_result @ 0x0000000000506931: in /root/aflasan/build/src/apps/tsql
tds_process_tokens @ 0x0000000000506931: in /root/aflasan/build/src/apps/tsql
tds_set_spid @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x00000000005254fc: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe1700 rbx=0x000060404a00d551 rcx=0x00000c0809401aaa rdx=0x00000000014960b0
rsi=0x0000000049ffffff rdi=0x000060400000d553 rbp=0x00007fffffffd160 rsp=0x00007fffffffd140
r8=0x00000c087fff9ab0 r9=0x00000c087fff9aa8 r10=0x00000c087fff9ab1 r11=0x00007ffff5d65790
r12=0x000060400000d553 r13=0x0000000000000019 r14=0x000060400000d553 r15=0x0000000000823810
rip=0x0000000000520447 efl=0x0000000000010246 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 26) - Hash: 32f4d839a84b0db28f304c41953bfc4d.c4e1703adf51d9c4088d09a0ffaeb807
---CRASH SUMMARY---
Filename: asan/crashes/id:000305,sig:06,src:001359+001139,op:splice,rep:32
SHA1: f976f9ac558ec479899c04ff56a081b504380d5e
Classification: UNKNOWN
Hash: 32f4d839a84b0db28f304c41953bfc4d.c4e1703adf51d9c4088d09a0ffaeb807
Command: /root/aflasan/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds5_process_optioncmd @ 0x0000000000505fc4: in /root/aflasan/build/src/apps/tsql
Disassembly:
Stack Head (10 entries):
__GI_raise @ 0x00007ffff5c05428: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI_abort @ 0x00007ffff5c0702a: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__assert_fail_base @ 0x00007ffff5bfdbd7: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___assert_fail @ 0x00007ffff5bfdc82: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds5_process_optioncmd @ 0x0000000000505fc4: in /root/aflasan/build/src/apps/tsql
tds_process_default_token @ 0x0000000000505fc4: in /root/aflasan/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000500395: in /root/aflasan/build/src/apps/tsql
tds_connect @ 0x0000000000524e09: in /root/aflasan/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000520f0d: in /root/aflasan/build/src/apps/tsql
main @ 0x00000000004ed656: in /root/aflasan/build/src/apps/tsql
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7fc8000 rcx=0x00007ffff5c05428 rdx=0x0000000000000006
rsi=0x0000000000007219 rdi=0x0000000000007219 rbp=0x00000000005cf320 rsp=0x00007fffffffd068
r8=0x0000000000000028 r9=0x0000000000000002 r10=0x0000000000000008 r11=0x0000000000000202
r12=0x0000000000000b44 r13=0x00000000005cf360 r14=0x0000000000292be8 r15=0x0000000000823810
rip=0x00007ffff5c05428 efl=0x0000000000000202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often generated by libc and compiled check-code to indicate potentially exploitable conditions. Unfortunately this command does not yet further analyze these crashes.
---END SUMMARY---
(1 of 8) - Hash: 6bea812730b8100f714d9b0d9020688f.7e0e1dd759f33ef5a618390af6027082
---CRASH SUMMARY---
Filename: fuzzer6/crashes/id:000177,sig:11,src:001421,op:havoc,rep:4
SHA1: 485bc4ba484a50b31a5f753503cbf18d8a1a982c
Classification: UNKNOWN
Hash: 6bea812730b8100f714d9b0d9020688f.7e0e1dd759f33ef5a618390af6027082
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (9 entries):
tds_swap_bytes @ 0x0000000000428786: in /root/freetds/build/src/apps/tsql
tds_swap_numeric @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_numeric_get @ 0x00000000004725ed: in /root/freetds/build/src/apps/tsql
tds_process_row @ 0x0000000000419f2a: in /root/freetds/build/src/apps/tsql
tds_process_tokens @ 0x0000000000419f2a: in /root/freetds/build/src/apps/tsql
tds_set_spid @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042b05c: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x00007ffff7fe273c rbx=0x00000000006ca4e4 rcx=0x0000000000008c09 rdx=0x0000000000695930
rsi=0x00000000a83411e8 rdi=0x00000000006ca4e3 rbp=0xffffffffa8a0b6ca rsp=0x00007fffffffd8f0
r8=0x00000000006ca4e0 r9=0x0000000000000000 r10=0x00000000006ca4d0 r11=0x00007ffff68beb78
r12=0x0000000000000004 r13=0x0000000000695530 r14=0x00000000a83411e8 r15=0x0000000000695530
rip=0x0000000000428786 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation on source operand
Short description: SourceAv (19/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
---END SUMMARY---
(1 of 1) - Hash: f664a726b025a98af70cff36b0798654.082433b73d789f6c7bcdd9382a8053de
---CRASH SUMMARY---
Filename: fuzzer4/crashes/id:000271,sig:11,src:001595,op:havoc,rep:4
SHA1: 3a54a63faa6c7ee57236bc857fdb674eb3379347
Classification: PROBABLY_NOT_EXPLOITABLE
Hash: f664a726b025a98af70cff36b0798654.082433b73d789f6c7bcdd9382a8053de
Command: /root/freetds/build/src/apps/tsql -S 127.0.0.1 -U fdsa -P fdsa -I /root/tdsconfig
Faulting Frame:
tds_realloc_packet @ 0x000000000040bf2f: in /root/freetds/build/src/apps/tsql
Disassembly:
Stack Head (12 entries):
malloc_consolidate @ 0x00007ffff65793b5: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_malloc @ 0x00007ffff657c3be: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
_int_realloc @ 0x00007ffff657d850: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
__GI___libc_realloc @ 0x00007ffff657ec89: in /lib/x86_64-linux-gnu/libc-2.23.so (BL)
tds_realloc_packet @ 0x000000000040bf2f: in /root/freetds/build/src/apps/tsql
tds_read_packet @ 0x000000000047c506: in /root/freetds/build/src/apps/tsql
tds_get_n @ 0x000000000042e29c: in /root/freetds/build/src/apps/tsql
tds_process_default_token @ 0x000000000041479c: in /root/freetds/build/src/apps/tsql
tds_process_login_tokens @ 0x0000000000411f31: in /root/freetds/build/src/apps/tsql
tds_connect @ 0x000000000042ab17: in /root/freetds/build/src/apps/tsql
tds_connect_and_login @ 0x0000000000428e9f: in /root/freetds/build/src/apps/tsql
main @ 0x0000000000404e27: in /root/freetds/build/src/apps/tsql
Registers:
rax=0x0000000100000000 rbx=0x00000000006c5670 rcx=0x00007fffffffd6f0 rdx=0x0000000000000021
rsi=0x000000000000fb11 rdi=0x00007ffff68beb20 rbp=0x00000000000000d0 rsp=0x00007fffffffd6a0
r8=0x0000000000000000 r9=0x00000000006e4240 r10=0x00007ffff68beb78 r11=0x00000000006a88d0
r12=0x00000000006c5710 r13=0x00000000000034f7 r14=0x00007ffff68beb20 r15=0x00007ffff68beb78
rip=0x00007ffff65793b5 efl=0x0000000000010202 cs=0x0000000000000033 ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000 gs=0x0000000000000000
Extra Data:
Description: Access violation near NULL on source operand
Short description: SourceAvNearNull (16/22)
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor.
---END SUMMARY---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment