Re: AddressSanitizer: heap-buffer-overflow lib/readline/bind.c:437 in rl_translate_keyseq
From: Eduardo Bustamante
Subject: Re: AddressSanitizer: heap-buffer-overflow lib/readline/bind.c:437 in rl_translate_keyseq
Date: Thu, 27 Apr 2017 20:34:01 -0500
On Thu, Apr 27, 2017 at 2:35 PM, Chet Ramey <chet.ramey@case.edu> wrote:
[...]
> Thanks for the report. This was an easy fix. You must be fuzzing
> readline's key sequence parser.
Yes. I'm currently trying a few approaches. I got this crash from:
afl-fuzz -i i1/ -o o1/ -- ./bash/bash --noprofile --norc -ic 'bind -f @@'
After compiling with CC=afl-gcc ...
With this seed:
# cat i1/1
"\e\C-e": shell-expand-line
"\C-x(": start-kbd-macro
"\e&": tilde-expand
"\C-t": transpose-chars
"\et": transpose-words
"\C-x\C-u": undo
"\C-_": undo
"\C-u": unix-line-discard
"\C-w": unix-word-rubout
"\eu": upcase-word
"\C-y": yank
"\e.": yank-last-arg
"\e_": yank-last-arg
"\e\C-y": yank-nth-arg
"\ey": yank-pop
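The crash above is in readline's key-sequence translator, the routine that turns the quoted left-hand side of an inittab line (such as "\e\C-e") into raw bytes. As an added illustration, not code from this thread or from readline, the following Python sketch reimplements that translation from the escape syntax documented in the readline manual (\C-, \M-, \e, \\, \NNN octal, \xHH hex) with every bounds check written out, so that a truncated sequence such as a trailing "\C-" is rejected with an error instead of being read past the end of the buffer. It finishes with a small in-process random-input loop in the same spirit as the afl-fuzz run in the message, checking that the translator only ever fails with its own error type. The names translate_keyseq, is_valid_keyseq and fuzz, the pass-through of unknown escapes, and the rejection of "\x" without digits are choices made here, not readline behaviour the thread confirms.

```python
import random
import string

# Single-character escapes from the readline manual's key-binding syntax.
SIMPLE_ESCAPES = {
    'e': 0x1b, 'a': 0x07, 'b': 0x08, 'd': 0x7f, 'f': 0x0c,
    'n': 0x0a, 'r': 0x0d, 't': 0x09, 'v': 0x0b,
    '\\': 0x5c, '"': 0x22, "'": 0x27,
}


class KeySeqError(ValueError):
    """Malformed key sequence (the only error a well-formed parser should raise)."""


def _parse_escape(seq: str, i: int):
    """Parse the escape whose backslash sits at seq[i-1]; return (byte, next index)."""
    n = len(seq)
    if i >= n:
        # A backslash at the very end has nothing to escape: reject, never over-read.
        raise KeySeqError("trailing backslash")
    c = seq[i]
    if c in SIMPLE_ESCAPES:
        return SIMPLE_ESCAPES[c], i + 1
    if c in '01234567':
        # \NNN: one to three octal digits, stopping early at end of input.
        j = i
        while j < n and j - i < 3 and seq[j] in '01234567':
            j += 1
        return int(seq[i:j], 8) & 0xff, j
    if c == 'x':
        # \xHH: one or two hex digits (assumption: zero digits is an error).
        j = i + 1
        while j < n and j - (i + 1) < 2 and seq[j] in string.hexdigits:
            j += 1
        if j == i + 1:
            raise KeySeqError("\\x without hex digits")
        return int(seq[i + 1:j], 16), j
    # Assumption for this sketch: an unknown escape yields the character itself.
    return ord(c) & 0xff, i + 1


def translate_keyseq(seq: str) -> bytes:
    """Translate a readline-style key sequence string into raw key bytes."""
    out = bytearray()
    i, n = 0, len(seq)
    while i < n:
        if seq[i] != '\\':
            out.append(ord(seq[i]) & 0xff)
            i += 1
            continue
        # Collect chained modifier prefixes such as \M-\C-x; slicing never over-reads.
        ctrl = meta = False
        while seq[i:i + 3] in ('\\C-', '\\M-'):
            if seq[i + 1] == 'C':
                ctrl = True
            else:
                meta = True
            i += 3
        if i >= n:
            # "\C-" or "\M-" with no key after it: the truncated-input edge case.
            raise KeySeqError("modifier prefix without a key")
        if seq[i] == '\\':
            ch, i = _parse_escape(seq, i + 1)
        else:
            ch = ord(seq[i]) & 0xff
            i += 1
        if ctrl:
            ch = 0x7f if ch == ord('?') else ch & 0x1f   # \C-? is RUBOUT
        if meta:
            ch |= 0x80
        out.append(ch)
    return bytes(out)


def is_valid_keyseq(seq: str) -> bool:
    """True if the sequence translates cleanly, False if it is rejected."""
    try:
        translate_keyseq(seq)
        return True
    except KeySeqError:
        return False


def fuzz(iterations: int = 5000, seed: int = 1):
    """Throw random escape-heavy strings at the translator; return any unexpected failures."""
    rng = random.Random(seed)
    alphabet = 'CM-\\ex?az013789"'   # constructed alphabet biased toward escape syntax
    failures = []
    for _ in range(iterations):
        s = ''.join(rng.choice(alphabet) for _ in range(rng.randint(0, 8)))
        try:
            translate_keyseq(s)
        except KeySeqError:
            pass                      # a rejected input is the expected outcome
        except Exception as exc:      # anything else is the kind of bug ASan would flag
            failures.append((s, repr(exc)))
    return failures


if __name__ == '__main__':
    for line in (r'\e\C-e', r'\C-x(', r'\C-_', r'\M-a', r'\033'):
        print(repr(line), '->', translate_keyseq(line))
    print('unexpected failures:', fuzz())
```

The left-hand sides of the seed file above all translate without error; the interesting inputs are the ones the fuzzer produces, such as a lone backslash or a modifier prefix at end of string, which this version turns into a KeySeqError rather than an out-of-bounds read.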