=================================================================
==18043==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000001371 at pc 0x7f26dccfb303 bp 0x7ffe5d77e9e0 sp 0x7ffe5d77e188
WRITE of size 1073741824 at 0x506000001371 thread T0
    #0 0x7f26dccfb302 in memcpy ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_memintrinsics.inc:115
    #1 0x56364cab022b in memcpy /usr/include/x86_64-linux-gnu/bits/string_fortified.h:29
    #2 0x56364cab022b in jvp_string_append src/jv.c:1191
    #3 0x56364cab5a6e in jv_string_concat src/jv.c:1501
    #4 0x56364cb07f41 in binop_plus src/builtin.c:96
    #5 0x56364cb07fb5 in f_plus src/builtin.c:45
    #6 0x56364caa82ab in jq_next src/execute.c:919
    #7 0x56364ca9fb8e in process src/main.c:179
    #8 0x56364caa2564 in main src/main.c:667
    #9 0x7f26dc82a1c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #10 0x7f26dc82a28a in __libc_start_main_impl ../csu/libc-start.c:360
    #11 0x56364ca9f584 in _start (/root/.pruva/runs/cve-2026-32316_20260528-102301/external/jq-vuln+0x3c584) (BuildId: baa76eedd094e19fe15a8e53711bfe5c06d31bb0)

0x506000001371 is located 0 bytes after 49-byte region [0x506000001340,0x506000001371)
allocated by thread T0 here:
    #0 0x7f26dccfd9c7 in malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x56364cab97ed in jv_mem_alloc src/jv_alloc.c:142
    #2 0x56364caaeb8b in jvp_string_alloc src/jv.c:1106
    #3 0x56364cab01d4 in jvp_string_append src/jv.c:1189
    #4 0x56364cab5a6e in jv_string_concat src/jv.c:1501
    #5 0x56364cb07f41 in binop_plus src/builtin.c:96
    #6 0x56364cb07fb5 in f_plus src/builtin.c:45
    #7 0x56364caa82ab in jq_next src/execute.c:919
    #8 0x56364ca9fb8e in process src/main.c:179
    #9 0x56364caa2564 in main src/main.c:667
    #10 0x7f26dc82a1c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #11 0x7f26dc82a28a in __libc_start_main_impl ../csu/libc-start.c:360
    #12 0x56364ca9f584 in _start (/root/.pruva/runs/cve-2026-32316_20260528-102301/external/jq-vuln+0x3c584) (BuildId: baa76eedd094e19fe15a8e53711bfe5c06d31bb0)

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_memintrinsics.inc:115 in memcpy
Shadow bytes around the buggy address:
  0x506000001080: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
  0x506000001100: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
  0x506000001180: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fa
  0x506000001200: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
  0x506000001280: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
=>0x506000001300: fd fd fd fa fa fa fa fa 00 00 00 00 00 00[01]fa
  0x506000001380: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001480: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001580: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==18043==ABORTING