[Toybox] ASAN errors in toysh
Eric Roshan-Eisner
eric.d.eisner at gmail.com
Sat Jan 7 23:41:30 PST 2023
I ran the shell through the afl++ fuzzer, and it split out a few different
ASAN failures for simple inputs:
heap-buffer-overflow:
$ toybox sh -c '$'
$ toybox sh -c '+()'
$ toybox sh -c '<<0;0'
$ toybox sh -c '{$,}'
floating-point-exception:
$ toybox sh -c '((0%0))'
Also found some ASAN failures on the vi command.
heap-buffer-overflow:
$ echo p > input; toybox vi -s input ascii.txt
stack-buffer-overflow:
$ echo s000000000000000 > input; toybox vi -s input ascii.txt
-Eric
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.landley.net/pipermail/toybox-landley.net/attachments/20230107/6be4974b/attachment.htm>
More information about the Toybox
mailing list