[Tinycc-devel] Out of Bounds Write in asm_parse_directive
From: bugs-syssec
Subject: [Tinycc-devel] Out of Bounds Write in asm_parse_directive
Date: Wed, 12 Dec 2018 17:16:02 +0100
User-agent: RUB Webmail/1.3.8 via Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0

Dear all,
An out of bounds write in the asm_parse_directive function was found
while fuzzing tcc.
You can find the input producing the crash and the output of the clang
address sanitizer and valgrind in the attachments.
The input file contains four lines, each of which triggered the bug on
my system.
The ASAN output was generated on an older version of Ubuntu (16.04),
but I could also reproduce the crashes on a current Arch Linux.
To reproduce, compile the attached input file with tcc:
    tcc asm_parse-oob_write.c
I tested the latest git version of tcc (commit
c4787e3626904fc542bd640cc368a9d306347008).
Credits: SysSec chair of Ruhr University Bochum
asm_parse-oob_write.c
Description: Text document
valgrind.txt
Description: Text document
asan.txt
Description: Text document