[Bug 15865] [busybox 1.36.1] use-after-free in awk
bugzilla at busybox.net
bugzilla at busybox.net
Wed Jan 31 01:44:49 UTC 2024
https://bugs.busybox.net/show_bug.cgi?id=15865
--- Comment #3 from Valery Ushakov <uwe at NetBSD.org> ---
So, the bug is triggered by lines 17 and 18 in the input, b/c the END
rule is mangled by the fuzzer to have weird code where collected
languages are processed. Line 128 of the mangled awk program is:
macros[i] = "CL_" langs[i], gsub( "[^A-Za-z0-9_]", "X", macros[i] )
and all awks reject that use of comma as a syntax error, but busybox awk
accepts it.
As far as I can tell, this bug can be reproduced with something like:
$ awk 'BEGIN { v = "abc", gsub("b", "X", v); print v }'
aXc
(use asan/valgrind to taste).
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list