From: Gavin Smith
Subject: Re: AddressSanitizer reports a heap buffer overflow from scan_node_contents() on malformed info file
Date: Sun, 21 Feb 2021 09:40:23 +0000
User-agent: Mutt/1.9.4 (2018-02-28)
On Sat, Feb 20, 2021 at 05:43:55PM -0500, Nathaniel Beaver wrote:
> Steps to reproduce:
> Compile with -fsanitize=address, then run:
>
> info -f reproduce_bug.info
>
> Expected behavior:
>
> info does not trigger AddressSanitizer errors.
>
> Actual behavior:
>
> AddressSanitizer reports a heap-buffer-overflow from scan_node_contents() in
> info/info-utils.c:1676
>
> Comments:
> This file was generated by afl-fuzz; I don't understand how it creates a
> heap buffer overflow.
>
> Valgrind also reports invalid reads in various functions (see attached).
Thank you for the report. It is likely that we will fix it at some point
although I couldn't tell you when this would be.
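
The reproduction steps quoted above (build with -fsanitize=address, run info on the afl-generated file) are the usual triage loop for fuzzer crashes. The script below is an added example for this thread; it is not code from texinfo, from the reporter, or from the maintainers. It automates that loop and reduces each AddressSanitizer report to a one-line crash signature (error kind, access kind and size, innermost frame) so a directory of afl crash files can be bucketed into distinct bugs before filing. Assumptions not stated in the report: a standard autotools texinfo checkout, that `info -o FILE` (print the selected node to FILE rather than opening the viewer) exercises the same node-loading path as the interactive run, and a constructed sample report whose error kind and innermost frame match what the report states; the rest of that sample's stack trace is omitted, not invented.

```shell
#!/bin/sh
# Added example (not from texinfo or the bug report): automate the reporter's
# ASan reproduction and bucket afl crash files by sanitizer crash signature.
# Assumptions: autotools texinfo tree; `info -o FILE` reaches the same node
# loading code as the interactive run described in the report.
set -u

# Build the tree with ASan. Passing CFLAGS to configure is the usual autotools
# route; -O1 and frame pointers keep the stack trace in the report readable.
build_with_asan() {   # $1 = texinfo source tree
    (cd "$1" \
        && ./configure CFLAGS="-g -O1 -fsanitize=address -fno-omit-frame-pointer" \
                       LDFLAGS="-fsanitize=address" \
        && make) >/dev/null
}

# Run one reproducer non-interactively and keep the sanitizer report in $3.
# abort_on_error=1 makes a sanitizer finding end the process with SIGABRT, so
# the exit status separates "ASan fired" from an ordinary info error.
reproduce() {         # $1 = ASan-built info binary, $2 = .info file, $3 = log path
    ASAN_OPTIONS=abort_on_error=1 "$1" -f "$2" -o /dev/null 2>"$3"
}

# Reduce an ASan report to one line: error kind, access kind:size, innermost
# frame. Two fuzzer crashes with the same signature are almost always one bug.
# Returns 1 when the log holds no ASan error at all (the run was clean).
asan_signature() {    # $1 = log file written by reproduce()
    awk '
        /^==[0-9]+==ERROR: AddressSanitizer: / && kind == "" {
            sub(/^==[0-9]+==ERROR: AddressSanitizer: /, "")
            kind = $1
        }
        /^(READ|WRITE) of size [0-9]+/ && access == "" { access = $1 ":" $4 }
        /^ *#0 0x[0-9a-f]+ in / && frame == "" { frame = $4 " " $5 }
        END {
            if (kind == "") exit 1
            print kind, access, frame
        }' "$1"
}

# Bucket every crash file afl left in $2 by signature; prints one line per
# distinct signature: "signature<TAB>first file that produced it".
bucket_crashes() {    # $1 = ASan-built info binary, $2 = afl crashes directory
    for f in "$2"/id:*; do
        [ -e "$f" ] || continue
        log=$(mktemp)
        reproduce "$1" "$f" "$log" || true
        sig=$(asan_signature "$log") && printf '%s\t%s\n' "$sig" "$f"
        rm -f "$log"
    done | sort -t "$(printf '\t')" -k1,1 -u
}

# Constructed sample report (not the reporter's actual output): the error kind
# and innermost frame match what the report states; the remaining frames are
# left out rather than made up.
sample_report() {
    cat <<'EOF'
==12345==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000031 at pc 0x000000400b2c bp 0x7ffd0 sp 0x7ffc8
READ of size 1 at 0x602000000031 thread T0
    #0 0x400b2b in scan_node_contents info/info-utils.c:1676
    (remaining frames omitted in this constructed sample)
EOF
}
```

Usage: `build_with_asan ~/src/texinfo && bucket_crashes ~/src/texinfo/info/info ./afl-out/crashes`. Keep the valgrind run the reporter mentions on a separate, non-ASan build: ASan's shadow memory and its own malloc interposition make valgrind output on an instrumented binary noisy and partly meaningless.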