[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AddressSanitizer reports a heap buffer overflow from scan_node_conte
From: |
Gavin Smith |
Subject: |
Re: AddressSanitizer reports a heap buffer overflow from scan_node_contents() on malformed info file |
Date: |
Thu, 6 May 2021 20:32:21 +0100 |
User-agent: |
Mutt/1.9.4 (2018-02-28) |
On Sat, Feb 20, 2021 at 05:43:55PM -0500, Nathaniel Beaver wrote:
> Steps to reproduce:
> Compile with -fsanitize=address, then run:
>
> info -f reproduce_bug.info
>
> Expected behavior:
>
> info does not trigger AddressSanitizer errors.
>
> Actual behavior:
>
> AddressSanitizer reports a heap-buffer-overflow from scan_node_contents() in
> info/info-utils.c:1676
>
> Comments:
> This file was generated by afl-fuzz; I don't understand how it creates a
> heap buffer overflow.
Thanks for the report; it should be fixed in commit a11612ff66.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: AddressSanitizer reports a heap buffer overflow from scan_node_contents() on malformed info file,
Gavin Smith <=