sed bug report - Segfault on L command with long address

bug-gnu-utils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

sed bug report - Segfault on L command with long address

From:	Jodie Cunningham
Subject:	sed bug report - Segfault on L command with long address
Date:	Tue, 9 Dec 2014 17:26:49 -0600

To reproduce, run:
sed 'L222222' <<<d

These do not segfault:
sed 'L22222' <<<d
sed 'L2222222222222222222222222' <<<d

I do not have any expected behavior for this as it was just found by
the fuzzer American Fuzzy Lop (lcamtuf.coredump.cx/afl/) .

Test machine:
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty

sed:
  Installed: 4.2.2-4ubuntu1
  Candidate: 4.2.2-4ubuntu1
  Version table:
 *** 4.2.2-4ubuntu1 0
        500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
        100 /var/lib/dpkg/status

$ sed --version
sed (GNU sed) 4.2.2

Tracked downstream at Ubuntu:
https://bugs.launchpad.net/ubuntu/+source/sed/+bug/1400575


Thank you,
-Jodie Cunningham

[Prev in Thread]

Current Thread

[Next in Thread]

sed bug report - Segfault on L command with long address, Jodie Cunningham <=
- Re: sed bug report - Segfault on L command with long address, Jim Meyering, 2014/12/10
  - Re: sed bug report - Segfault on L command with long address, Paolo Bonzini, 2014/12/10

Prev by Date: Re: Bug#771904: unshar manpage: "Pp" (fwd)
Next by Date: Re: sed bug report - Segfault on L command with long address
Previous by thread: Bug#771910: uudecode: no newline after error message (fwd)
Next by thread: Re: sed bug report - Segfault on L command with long address
Index(es):
- Date
- Thread