Re: Bug: heap-buffer-overflow in function _nc_find

bug-ncurses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug: heap-buffer-overflow in function _nc_find_entry

From:	Sven Joachim
Subject:	Re: Bug: heap-buffer-overflow in function _nc_find_entry
Date:	Sat, 12 Oct 2019 21:29:41 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

On 2019-10-11 20:00 -0400, Thomas Dickey wrote:

> On Fri, Oct 11, 2019 at 04:59:52PM +0800, address@hidden wrote:
>> POC: https://github.com/zjuchenyuan/fuzzpoc/raw/master/infotocap_poc6
>
> I tested poc1-poc6 with valgrind on two different machines and it doesn't
> see a problem with poc2, poc4 or poc6 (but I'll study the trace to see
> what you might be reporting).

FWIW, poc[1267] cause segfaults in a build with the Debian options (but
poc[345] do not).  I can send gdb backtraces if desired, but almost
every variable is <optimized out>, and without optimization there are no
crashes. :-(

Cheers,
       Sven

[Prev in Thread]

Current Thread

[Next in Thread]

Bug: heap-buffer-overflow in function _nc_find_entry, address@hidden, 2019/10/11
- Re: Bug: heap-buffer-overflow in function _nc_find_entry, Thomas Dickey, 2019/10/11
  - Re: Bug: heap-buffer-overflow in function _nc_find_entry, Sven Joachim <=
    - Re: Bug: heap-buffer-overflow in function _nc_find_entry, Thomas Dickey, 2019/10/12
- Re: Bug: heap-buffer-overflow in function _nc_find_entry, address@hidden, 2019/10/11

Prev by Date: Re: infotocap does not work on a dumb terminal
Next by Date: Re: linker flags leaked into "ncurses*-config --libs"
Previous by thread: Re: Bug: heap-buffer-overflow in function _nc_find_entry
Next by thread: Re: Bug: heap-buffer-overflow in function _nc_find_entry
Index(es):
- Date
- Thread