[Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop

tinycc-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop

From:	John Scott
Subject:	[Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop
Date:	Mon, 30 Jul 2018 21:23:17 -0400

I fuzzed tcc for several hours and found some issues. I'm not familiar
with tcc's code and can't be of much help in resolving these, but they
do affect both 0.9.27 and the latest Git version, so I hope to bring
awareness to these bugs.

One test case is:
main(){void s=!0?s/.0

Writing that to a .c file and attempting to compile it yields:
tcc: x86_64-gen.c:441: load: Assertion `((ft & VT_BTYPE) == VT_INT) ||
((ft & VT_BTYPE) == VT_LLONG) || ((ft & VT_BTYPE) == VT_PTR) || ((ft &
VT_BTYPE) == VT_FUNC)' failed.
Aborted

Meanwhile, attempting to preprocess `##include<` in a C source file
causes tcc to hang and consume arbitrarily large amounts of memory.

I think it'd be neat to understand what's going on here. I would like to
thank those who develop tcc by the way; I do like it very much.

Sincerely,
John Scott

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

[Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop, John Scott <=
- Re: [Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop, pasman1, 2018/07/31

Prev by Date: Re: [Tinycc-devel] Mis-parse in some situations involving a function pointer with attributes (breaks SQLite build)
Next by Date: Re: [Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop
Previous by thread: [Tinycc-devel] Mis-parse in some situations involving a function pointer with attributes (breaks SQLite build)
Next by thread: Re: [Tinycc-devel] Small tcc bugs brought to you by american fuzzy lop
Index(es):
- Date
- Thread