Re: 4-byte script triggers null ptr deref and segfault

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 4-byte script triggers null ptr deref and segfault

From:	Chet Ramey
Subject:	Re: 4-byte script triggers null ptr deref and segfault
Date:	Thu, 17 Sep 2015 21:57:05 -0400
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.2.0

On 9/17/15 12:50 PM, Brian Carpenter wrote:
> While fuzzing GNU bash version 4.3.42(1)-release
> (x86_64-unknown-linux-gnu) with AFL(http://lcamtuf.coredump.cx/afl), I
> stumbled upon a 4-byte 'script' that triggers a null ptr deref and causes a
> segfault.
> 
> https://savannah.gnu.org/support/index.php?108885

Thanks for the report.  This was fixed late last October, and the fix is
in the devel branch and bash-4.4-alpha.

Chet
-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    chet@case.edu    http://cnswww.cns.cwru.edu/~chet/

[Prev in Thread]

Current Thread

[Next in Thread]

4-byte script triggers null ptr deref and segfault, Brian Carpenter, 2015/09/17
- Re: 4-byte script triggers null ptr deref and segfault, Greg Wooledge, 2015/09/17
  - Re: 4-byte script triggers null ptr deref and segfault, Pádraig Brady, 2015/09/17
  - Re: 4-byte script triggers null ptr deref and segfault, Bob Proulx, 2015/09/17
- Re: 4-byte script triggers null ptr deref and segfault, Chet Ramey <=

Prev by Date: Re: 4-byte script triggers null ptr deref and segfault
Next by Date: Re: null ptr deref & segfault in multiple versions of bash
Previous by thread: Re: 4-byte script triggers null ptr deref and segfault
Next by thread: Re: [Help-bash] Why BASH_SUBSHELL behaves differently in () and <()?
Index(es):
- Date
- Thread