[Bug 8661] Segmentation fault safe_write (fuzzing)
bugzilla at busybox.net
bugzilla at busybox.net
Sat Feb 13 03:28:25 UTC 2016
https://bugs.busybox.net/show_bug.cgi?id=8661
Mike Frysinger <vapier at gentoo.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6321|0 |1
is obsolete| |
--- Comment #4 from Mike Frysinger <vapier at gentoo.org> ---
Comment on attachment 6321
--> https://bugs.busybox.net/attachment.cgi?id=6321
minimized test case
simple test case is to just pass a really large signal # to trap:
$ ./busybox_unstripped sh -c 'trap '' 255'
shell/ash.c:12555:42: runtime error: index 255 out of bounds for type 'char
*[65]'
=================================================================
==2199==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x617000010548
at pc 0x000000412581 bp 0x7fffb7868350 sp 0x7fffb7868340
READ of size 8 at 0x617000010548 thread T0
#0 0x412580 in trapcmd shell/ash.c:12555
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list