[Bug 8661] Segmentation fault safe_write (fuzzing)

bugzilla at busybox.net bugzilla at busybox.net
Sat Feb 13 03:28:25 UTC 2016


Mike Frysinger <vapier at gentoo.org> changed:

           What    |Removed                     |Added
   Attachment #6321|0                           |1
        is obsolete|                            |

--- Comment #4 from Mike Frysinger <vapier at gentoo.org> ---
Comment on attachment 6321
  --> https://bugs.busybox.net/attachment.cgi?id=6321
minimized test case

simple test case is to just pass a really large signal # to trap:
$ ./busybox_unstripped sh -c 'trap '' 255'
shell/ash.c:12555:42: runtime error: index 255 out of bounds for type 'char
==2199==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x617000010548
at pc 0x000000412581 bp 0x7fffb7868350 sp 0x7fffb7868340
READ of size 8 at 0x617000010548 thread T0
    #0 0x412580 in trapcmd shell/ash.c:12555

You are receiving this mail because:
You are on the CC list for the bug.

More information about the busybox-cvs mailing list