
Fuzzed Crashes

Open jacobly0 opened this issue 8 years ago • 1 comments

These inputs all cause spasm to segfault:

.echo >0
#macro >
a#macro a
b(
#define a a
 a
w("r(")
r(
.addinstr 0 0 0000000000000000000000000000

Note that the last one only crashes sometimes in hardened mode and occasionally corrupts malloc otherwise.

jacobly0, Mar 25 '17 11:03

Updating this as I take a stab at each:

  • [x] .echo >0
  • [ ] #macro >
  • [ ] a#macro a
  • [ ] b(
  • [ ] #define a a a
  • [ ] w("r(") r(
  • [x] .addinstr 0 0 0000000000000000000000000000

alberthdev, Mar 26 '17 07:03