Re: [Bug-readline] Double-free error when readline is fed with specific

bug-readline

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-readline] Double-free error when readline is fed with specific

From:	Chet Ramey
Subject:	Re: [Bug-readline] Double-free error when readline is fed with specific data
Date:	Wed, 29 Aug 2018 10:12:44 -0400
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 8/28/18 7:07 PM, Tanel Kriik wrote:

>>> ### Description
>>>
>>> Double-free error when fed with invalid input.
>>> The inputs were found when using AFL to (american fuzzy lop) to
>>> fuzz a program that uses GNU readline.
>>>
>>> ### Recipe
>>>
>>> Compile the program, then pipe either one of the
>>> data file to the program:
>>>
>>>     $ cat data0 | ./test
>>>
>>> Or:
>>>
>>>     $ cat data1 | ./test
>>>
>>> Data files and test source can be found in rlcrash.zip:
>>
>> There is no rlcrash.zip attached.

These have been fixed in readline-8.0, currently at alpha release. They
are present in readline-7.0.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    address@hidden    http://tiswww.cwru.edu/~chet/

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-readline] Double-free error when readline is fed with specific data, Tanel Kriik, 2018/08/28
- Re: [Bug-readline] Double-free error when readline is fed with specific data, Chet Ramey, 2018/08/28
  - Re: [Bug-readline] Double-free error when readline is fed with specific data, Tanel Kriik, 2018/08/29
    - Re: [Bug-readline] Double-free error when readline is fed with specific data, Chet Ramey <=

Prev by Date: Re: [Bug-readline] Double-free error when readline is fed with specific data
Previous by thread: Re: [Bug-readline] Double-free error when readline is fed with specific data
Index(es):
- Date
- Thread