[Toybox] [PATCH] Fix segfault in sed -e 'c\'

Andy Chu andychup at gmail.com
Sun Mar 6 09:57:09 PST 2016


I was playing around with afl-fuzz and decided to test the sed -f input,
which very quickly found this (in less than one second).

I don't quite understand the parsing and "repurpose hit" comment, but I
think this is what was intended.

pline is checked for NULL at line 761, but not at line 767 (and passed as
NULL on line 1040).  The test catches the segfault.

Andy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-segfault-in-sed-e-c.patch
Type: text/x-patch
Size: 1599 bytes
Desc: not available
URL: <http://lists.landley.net/pipermail/toybox-landley.net/attachments/20160306/57564818/attachment-0004.bin>