Re: An illegal memory access in ncurses, tic
From: Thomas Dickey
Subject: Re: An illegal memory access in ncurses, tic
Date: Sat, 16 Apr 2022 19:35:09 -0400
User-agent: Mutt/1.10.1 (2018-07-13)
On Sat, Apr 16, 2022 at 04:55:06PM -0400, Thomas Dickey wrote:
> On Sat, Apr 16, 2022 at 09:19:48PM +0800, 郑晗 wrote:
> > Dear developers,
> >
> > I'm a security researcher and am now trying to test my new fuzzer. I've
> > just found an illegal memory access in the latest commit of ncurses, tic.
> > Here is the information:
> >
> > (1) environment
> > Ubuntu 20.04.3 LTS
> > gcc 9.3.0
> > ncurses latest commit 74b10d4a30eec8feb66a4b94a72da65be0048447, tag
> > v6_3_20220409
> >
> >
> > (2) steps to reproduce:
> > export CFLAGS="-fsanitize=address -g"
> > export CXXFLAGS="-fsanitize=address -g"
> > ./configure && make -j$(nproc)
> > ./prog/tic -o /dev/null $POC
>
> I can reproduce the problem, but the command is incorrect.
> With that command, tic will exit (because /dev/null is not a directory)
> before getting into the area which produces these messages.
I have a simple fix for the immediate problem, but can see that there's
some additional (time-consuming) investigation needed.
--
Thomas E. Dickey <dickey@invisible-island.net>
https://invisible-island.net
ftp://ftp.invisible-island.net