=================================================================
==19732==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000001311 at pc 0x7fb1de2fb303 bp 0x7ffdca0de8d0 sp 0x7ffdca0de078
WRITE of size 1073741824 at 0x506000001311 thread T0
    #0 0x7fb1de2fb302 in memcpy ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_memintrinsics.inc:115
    #1 0x55a04794f22b in memcpy /usr/include/x86_64-linux-gnu/bits/string_fortified.h:29
    #2 0x55a04794f22b in jvp_string_append src/jv.c:1191
    #3 0x55a047954a6e in jv_string_concat src/jv.c:1501
    #4 0x55a0479a6f41 in binop_plus src/builtin.c:96
    #5 0x55a0479a6fb5 in f_plus src/builtin.c:45
    #6 0x55a0479472ab in jq_next src/execute.c:919
    #7 0x55a04793eb8e in process src/main.c:179
    #8 0x55a047941564 in main src/main.c:667
    #9 0x7fb1dde2a1c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #10 0x7fb1dde2a28a in __libc_start_main_impl ../csu/libc-start.c:360
    #11 0x55a04793e584 in _start (/root/.pruva/runs/cve-2026-32316_20260528-102301/external/jq-vuln+0x3c584) (BuildId: baa76eedd094e19fe15a8e53711bfe5c06d31bb0)

0x506000001311 is located 0 bytes after 49-byte region [0x5060000012e0,0x506000001311)
allocated by thread T0 here:
    #0 0x7fb1de2fd9c7 in malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x55a0479587ed in jv_mem_alloc src/jv_alloc.c:142
    #2 0x55a04794db8b in jvp_string_alloc src/jv.c:1106
    #3 0x55a04794f1d4 in jvp_string_append src/jv.c:1189
    #4 0x55a047954a6e in jv_string_concat src/jv.c:1501
    #5 0x55a0479a6f41 in binop_plus src/builtin.c:96
    #6 0x55a0479a6fb5 in f_plus src/builtin.c:45
    #7 0x55a0479472ab in jq_next src/execute.c:919
    #8 0x55a04793eb8e in process src/main.c:179
    #9 0x55a047941564 in main src/main.c:667
    #10 0x7fb1dde2a1c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #11 0x7fb1dde2a28a in __libc_start_main_impl ../csu/libc-start.c:360
    #12 0x55a04793e584 in _start (/root/.pruva/runs/cve-2026-32316_20260528-102301/external/jq-vuln+0x3c584) (BuildId: baa76eedd094e19fe15a8e53711bfe5c06d31bb0)

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_memintrinsics.inc:115 in memcpy
Shadow bytes around the buggy address:
  0x506000001080: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
  0x506000001100: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
  0x506000001180: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fa
  0x506000001200: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
  0x506000001280: fd fd fd fd fd fd fd fa fa fa fa fa 00 00 00 00
=>0x506000001300: 00 00[01]fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001380: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001480: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x506000001580: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==19732==ABORTING