bug#29666: Segfault at changing location
From: Jim Meyering
Subject: bug#29666: Segfault at changing location
Date: Tue, 12 Dec 2017 09:47:17 -0800
On Mon, Dec 11, 2017 at 12:44 PM, Jeremy Feusi <address@hidden> wrote:
> Hi,
> I am working on a project for school in which I use afl to find bugs in
> software and I decided to fuzz grep. In doing so I discovered a
> segfault. When using gdb, the location of the segfault varies, which
> puzzles me and so I cannot include any further information.
> The command to obtain this bug is:
> grep -o -E -f <seg-file>
> where <seg-file> is the file attached.
>
> I am using grep 3.1 on arch linux.
> cheers
> Jeremy
Thank you for the report.
This has been an issue since about grep-2.6.1.
It gave a proper diagnostic until 2.5.4:
$ grep-2.5.4/bin/grep -E -f <(printf %080000d 0|tr 0 '(')
grep-2.5.4/bin/grep: Unmatched ( or \(
[Exit 2]
Starting in approximately 2.6.1 (I don't have 2.6.0 handy) it
would fail like this:
$ grep-2.6.1/bin/grep -E -f <(printf %080000d 0|tr 0 '(')
Segmentation fault (core dumped)
Using the latest with -P works fine:
$ grep -P -f <(printf %080000d 0|tr 0 '(')
grep: parentheses are too deeply nested
[Exit 2]
Here's a nearly-complete patch to make grep diagnose the generic
"stack overflow" problem:
Attachment: grep-stack-overflow.diff
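The crash above is the classic recursive-descent failure mode: a regex compiler that recurses once per "(" turns an 80000-deep nesting into an 80000-deep call stack, and the stack runs out before the "Unmatched (" diagnostic is ever reached. The following is an added illustration, not grep's regex compiler and not the attached patch: a toy parser that only tracks grouping, with an explicit nesting limit so that adversarial input fails with a diagnostic (as grep -P's "parentheses are too deeply nested" does) instead of exhausting the stack. The limit value, the function names and the status codes are all assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not grep's code. A toy recursive-descent parser for a
 * pattern language in which only grouping matters:
 *   expr := ( '(' expr ')' | literal )*
 * It recurses once per '(' just like a naive regex compiler, so input
 * such as `printf %080000d 0 | tr 0 '('` drives the recursion depth to
 * 80000. Whether that overflows the stack depends on the frame size and
 * the thread's stack limit; a depth limit makes the outcome deterministic
 * and turns it into an ordinary diagnostic. */

enum parse_status {
    PARSE_OK = 0,
    PARSE_UNMATCHED_OPEN,   /* input ended inside an open group */
    PARSE_UNMATCHED_CLOSE,  /* ')' with no open group */
    PARSE_TOO_DEEP          /* nesting deeper than the configured limit */
};

/* Assumed limit for the hardened configuration; real engines pick their own. */
#define DEFAULT_MAX_DEPTH 200

/* Parses until end of input or an unconsumed ')'.  max_depth < 0 means
 * "no limit", i.e. the vulnerable configuration. */
static enum parse_status
parse_expr(const char *s, size_t len, size_t *pos, int depth, int max_depth)
{
    while (*pos < len) {
        char c = s[*pos];
        if (c == ')')
            return PARSE_OK;            /* caller decides whether it matches */
        (*pos)++;
        if (c == '(') {
            if (max_depth >= 0 && depth + 1 > max_depth)
                return PARSE_TOO_DEEP;  /* fail before the stack does */
            enum parse_status st = parse_expr(s, len, pos, depth + 1, max_depth);
            if (st != PARSE_OK)
                return st;
            if (*pos >= len)
                return PARSE_UNMATCHED_OPEN;
            (*pos)++;                   /* consume the matching ')' */
        }
        /* anything else is a literal */
    }
    return PARSE_OK;
}

/* Top-level entry: a ')' left over after the outermost expr is unmatched. */
enum parse_status parse_pattern(const char *s, int max_depth)
{
    size_t len = strlen(s), pos = 0;
    enum parse_status st = parse_expr(s, len, &pos, 0, max_depth);
    if (st != PARSE_OK)
        return st;
    return pos < len ? PARSE_UNMATCHED_CLOSE : PARSE_OK;
}

/* Builds the reporter's input: n '(' characters and nothing else
 * (constructed here, equivalent to `printf %0<n>d 0 | tr 0 '('`). */
char *make_open_parens(size_t n)
{
    char *buf = malloc(n + 1);
    if (!buf)
        return NULL;
    memset(buf, '(', n);
    buf[n] = '\0';
    return buf;
}

const char *status_name(enum parse_status st)
{
    switch (st) {
    case PARSE_OK:              return "ok";
    case PARSE_UNMATCHED_OPEN:  return "Unmatched ( or \\(";
    case PARSE_UNMATCHED_CLOSE: return "Unmatched ) or \\)";
    case PARSE_TOO_DEEP:        return "parentheses are too deeply nested";
    }
    return "?";
}

int main(void)
{
    char *p = make_open_parens(80000);
    if (!p)
        return 1;
    /* With a limit the parser stops after DEFAULT_MAX_DEPTH frames. */
    printf("limited:   %s\n", status_name(parse_pattern(p, DEFAULT_MAX_DEPTH)));
    /* Without a limit it recurses 80000 times; with a small enough
     * stack this is the segfault from the report rather than a message. */
    printf("unlimited: %s\n", status_name(parse_pattern(p, -1)));
    free(p);
    return 0;
}
```

The point of the limit is that the check happens in the parser's own control flow, where returning an error code is cheap and safe, rather than in a SIGSEGV handler after the stack has already been exhausted. A limit well below what the stack can hold (here 200, where 80000 frames would be needed to reach the original diagnostic) costs nothing for real patterns and removes the dependence on stack size and build flags that made the crash location vary in the report.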