[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-readline] Double-free error when readline is fed with specific
|
From: |
Chet Ramey |
|
Subject: |
Re: [Bug-readline] Double-free error when readline is fed with specific data |
|
Date: |
Tue, 28 Aug 2018 17:07:40 -0400 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 |
On 8/28/18 3:14 PM, Tanel Kriik wrote:
> ### GNU Readline version
>
> 6.3-8ubuntu2
>
> ### OS version
>
> 16.04.1-Ubuntu SMP
>
> ### compilation
>
> $ gcc -o test test.c -lreadline
>
> ### Description
>
> Double-free error when fed with invalid input.
> The inputs were found when using AFL to (american fuzzy lop) to
> fuzz a program that uses GNU readline.
>
> ### Recipe
>
> Compile the program, then pipe either one of the
> data file to the program:
>
> $ cat data0 | ./test
>
> Or:
>
> $ cat data1 | ./test
>
> Data files and test source can be found in rlcrash.zip:
There is no rlcrash.zip attached.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU address@hidden http://tiswww.cwru.edu/~chet/