diff options
Diffstat (limited to 'results/scraper/launchpad-without-comments/1523811')
| -rw-r--r-- | results/scraper/launchpad-without-comments/1523811 | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/results/scraper/launchpad-without-comments/1523811 b/results/scraper/launchpad-without-comments/1523811 new file mode 100644 index 000000000..46cabcc22 --- /dev/null +++ b/results/scraper/launchpad-without-comments/1523811 @@ -0,0 +1,27 @@ +USB assert failure on dev-storage.c + +On executing the attached python script in the guest OS, QEMU dies with assert failure: + +[run python script in guest root shell] +# python a.py + +[host message] +qemu-system-x86_64: hw/usb/dev-storage.c:445: usb_msd_handle_data: Assertion `le32_to_cpu(s->csw.residue) == 0' failed. +Aborted (core dumped) + + +When I detach the kernel driver and send CBW and reattach it again, without conforming to the command/data/status protocol, QEMU dies. +I think this is due to misimplementation of Command/Data/Status protocol in Bulk-only transfer. +This kind of assert failure can be misused by malwares to avoid being analyzed by terminating only in the virtual environments and still execute the malicious code in real machines. +Before running python script, make sure to change a.py that it should points to usb mass storage's vid and pid. + +QEMU was running on these environment : +[CPU model] Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz +[qemu version] QEMU 2.5.0-rc2 (compiled from source, gcc 4.8.4) +[host info] Ubuntu 14.04.3, x86_64, 3.19.0-32-generic +[guest info] Ubuntu 14.04.3, x86_64, 3.19.0-28-generic +[QEMU argument] +x86_64-softmmu/qemu-system-x86_64 -hda /media/hdd/img/ubuntu1404.qcow2.5 \ + -m 512 \ + --usbdevice disk:format=qcow2:../usb.img.5 \ + --enable-kvm \ No newline at end of file |