[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#66835: Heap buffer overread in expr in regexec.c in the check_arriva
From: |
Some Dickhead |
Subject: |
bug#66835: Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function. |
Date: |
Sun, 29 Oct 2023 20:14:54 +0200 |
Hi! I was fuzzing expr in coreutils and found a bug. I compiled expr with
asan and ubsan. I cloned the repository from
https://github.com/coreutils/coreutils and I am using
commit f7e25d5bb53e35bcdea8512dd6db07dd7e6cf452 . After compiling expr,
just run './expr $(printf "\x30\x98\xc8\x9d") : $(printf
"\x5c\x28\x5c\x29\x2e\x2a\x5c\x53\x98\xc8\x30\x2a\x5c\x31")' and observe
the crash. I have attached the ASAN report which I got from my run to this
email.
asanreport.txt
Description: Text document
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#66835: Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function.,
Some Dickhead <=