[Bug 15865] [busybox 1.36.1] use-after-free in awk

bugzilla at busybox.net bugzilla at busybox.net
Wed Jan 31 01:44:49 UTC 2024


https://bugs.busybox.net/show_bug.cgi?id=15865

--- Comment #3 from Valery Ushakov <uwe at NetBSD.org> ---
So, the bug is triggered by lines 17 and 18 in the input, b/c the END
rule is mangled by the fuzzer to have weird code where collected
languages are processed.  Line 128 of the mangled awk program is:

  macros[i] = "CL_" langs[i], gsub( "[^A-Za-z0-9_]", "X", macros[i] )

and all awks reject that use of comma as a syntax error, but busybox awk
accepts it.

As far as I can tell, this bug can be reproduced with something like:

  $ awk 'BEGIN { v = "abc", gsub("b", "X", v); print v }'
  aXc

(use asan/valgrind to taste).

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the busybox-cvs mailing list