[Tinycc-devel] Out of Bounds Write in gsym_addr
From: Bugs SysSec
Subject: [Tinycc-devel] Out of Bounds Write in gsym_addr
Date: Tue, 28 May 2019 15:57:01 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0
Dear all,
While fuzzing tcc, an out of bounds write was found in the gsym_addr
function.
Attached are a file producing a crash when compiled, the output of the
clang address sanitizer and valgrind.
The asan report only shows an out of bounds read, valgrind also shows
the out of bounds write.
To reproduce, compile the attached input file with tcc:
    tcc gsym_addr.c
The latest git version of tcc (commit
1dd6842654c8f8f6bf1a94364f0fd23ed10cc7e1) and tcc 0.9.27 were tested.
Credits: SysSec chair of Ruhr University Bochum
gsym_addr.asan.txt
Description: Text document
gsym_addr.c
Description: Text Data
gsym_addr.valgrind.txt
Description: Text document