Sergey "Shnatsel" Davidoff
The attached files behave differently when decompressed with lzma-rs and with the xz2 crate backed by lzma-sys: [lzmars_xz2_mismatches.tar.gz](https://github.com/gendx/lzma-rs/files/4488337/lzmars_xz2_mismatches.tar.gz) These files are generated by a fuzzer and do not have valid checksums...
The XZ utils source distribution at https://tukaani.org/xz/ contains 63 small files exercising various features of the format. The test files are placed in the public domain and there is a...
This produces identical assembly to the version with byteorder. This requires Rust 1.34, but that's old enough to be present even in Debian Stable.
On some websites, e.g. http://economicinclusion.gov, hreq fails with the following error: > Too many chars in chunk size Firefox and curl work fine. 39 websites out of the top million...
On some websites, e.g. http://fivestarflags.com, hreq fails with the following error: > Unexpected char in chunk size: ' ' Firefox and curl work fine. 143 websites out of the top...
When downloading http://auctionzip.com, hreq panics with the following message: > thread 'main' panicked at 'dangling store key for stream_id=StreamId(1)', /home/shnatsel/.cargo/registry/src/github.com-1ecc6299db9ec823/hreq-h2-0.2.7/src/proto/streams/store.rs:179:17 Only one website out of the top million according to...
I'm looking to fuzz the library more and use the fuzzer to compare the output to the reference C implementation. I've been wondering, what's the difference between the two directories...
It is now possible to implement this macro safely thanks to TryInto implementation from slices to array references:

```rust
let my_arr_reference: &[i32; 5] = my_slice.try_into().unwrap();
```

Bounds checks will also...
Attempting to decode any of the attached files with `goblin::elf::Elf::parse` crashes the process. Memory allocator runs out of virtual memory and the process is aborted. [goblin-elf-oom-crashes.zip](https://github.com/m4b/goblin/files/2933592/goblin-elf-oom-crashes.zip) Found via AFL.rs. Fuzzing...
`copy_with_timeout()` as implemented in v0.7.2 may exceed its deadline: https://github.com/jayjamesjay/http_req/blob/eba0471369662667c27c0a46541b8cb464c8edc0/src/request.rs#L50-L75 In here the timeout is only checked after the read operation is issued. However, a call to `read()` [may block](https://doc.rust-lang.org/stable/std/io/trait.Read.html#tymethod.read)...