HotSpurzzZ
When I use fuzzing/format_command_fuzzer.c for fuzz testing, I found a SEGV issue in the redisFormatCommand function of /src/hiredis/hiredis.c:569:11 ### POC file: https://github.com/HotSpurzzZ/testcases/blob/main/hiredis/hiredis_SEGV_redisFormatCommand ### Verification steps : ``` export CC=/usr/bin/clang export CFLAGS='-fsanitize=address -g'...
When I use tests/fuzzers/ucl_add_string_fuzzer.c for fuzz testing, I found a heap-buffer-overflow in the ucl_maybe_parse_number function of ucl_parser.c:882:11 This seems similar to [issue263](https://github.com/vstakhov/libucl/issues/263) but has not been fixed in the latest version. ### Verification...
When I use tests/fuzzers/ucl_add_string_fuzzer.c for fuzz testing, I found a heap-buffer-overflow in the ucl_skip_comments function of ucl_parser.c:182:11 ### Verification steps ``` CC = clang CFLAGS = -O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope...
When using libfuzzer to fuzz the dumper, a heap overflow was found; this can be reproduced on the latest commit. When trying to dereference a pointer, (*(--(stack).top)), the status of...
A SEGV has occurred when running program addressbook. ### POC file: https://github.com/HotSpurzzZ/testcases/blob/main/pbc/pbc_SEGV_pbc_wmessage_string ### Verification steps : 1. Get the source code of pbc 2. Compile (Note the modification of the makefile to...
A SEGV has occurred when running program test. The program does not check for the return value of pbc_wmessage_new (./test/test.c:16), resulting in the program still running when null is returned....