|
| From: | Hanno Boeck |
| Subject: | [bug #46470] Global out of bounds read in troff in function make_glyph_node |
| Date: | Wed, 18 Nov 2015 09:34:43 +0000 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.16 Safari/537.36 |
URL:
<http://savannah.gnu.org/bugs/?46470>
Summary: Global out of bounds read in troff in function
make_glyph_node
Project: GNU troff
Submitted by: hanno
Submitted on: Wed 18 Nov 2015 10:34:42 AM CET
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Planned Release: None
_______________________________________________________
Details:
The attached file will cause a global out of bounds read in the troff tool.
This can be seen with address sanitizer (-fsanitize=address in cflags).
The file consists just of two bytes ("\("). This was found with american fuzzy
lop.
I'll also attach the full address sanitizer stack trace.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Wed 18 Nov 2015 10:34:42 AM CET Name: troff-global-oob Size: 2B By:
hanno
<http://savannah.gnu.org/bugs/download.php?file_id=35490>
-------------------------------------------------------
Date: Wed 18 Nov 2015 10:34:42 AM CET Name: troff-asan-error.txt Size: 3kB
By: hanno
<http://savannah.gnu.org/bugs/download.php?file_id=35491>
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?46470>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
| [Prev in Thread] | Current Thread | [Next in Thread] |