Crash test cases discovered with the AFL fuzzer#33
Open
voetsjoeba wants to merge 11 commits intosteveire:masterfrom
Open
Crash test cases discovered with the AFL fuzzer#33voetsjoeba wants to merge 11 commits intosteveire:masterfrom
voetsjoeba wants to merge 11 commits intosteveire:masterfrom
Conversation
added 11 commits
March 17, 2017 02:20
… a QList.takeFirst() on an empty QList
… Qt due to an at(0) call on an empty QString
…ent at rand() % 0, generating a CPU arithmetic exception
…ailure due to invalid character offset access in string
…ent causes a crash due to an attempt to access a list item at a non-existent position
…gal list index access
…ion due to excessive memory allocation attempt in left/right string justify routines
… a for loop causes a segfault
…riable list is empty and the 'reversed' keyword is given
… PCRE library (libpcre16.so.3.13.2 on Ubuntu Xenial 16.04.2 LTS; PCRE 8.38)
Owner
|
This is great, thanks! I started pushing fixes together with the tests, but I didn't get through the entire branch yet. I'll continue later. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
As part of an evaluation I'm running to use the Grantlee libraries as a replacement for another more basic templating engine in another (unrelated) project, I took the liberty of running the excellent AFL fuzzer against the Grantlee_Templates library.
This pull request contains test cases reproducing the various crashes that were found. I have additional commits locally that resolve each test case, although I'm not including them here -- I'd prefer to defer those to you since my familiarity with the code base is limited. Most of these have straightforward fixes -- the exception is the PCRE stack overflow on large quoted strings, for which I see no easy fix.