oss-fuzz icon indicating copy to clipboard operation
oss-fuzz copied to clipboard
verified publisher icon google

A Proof of Error in `python-libnmap-0.7.2`

Open DonggeLiu opened this issue 3 years ago • 4 comments

  1. A docker environment to show the proof of the error.
  2. wrappers to feed inputs to python-libnmap-0.7.2.

DonggeLiu avatar Jun 06 '22 05:06 DonggeLiu

Do we still want to land this?

jonathanmetzman avatar Sep 18 '22 01:09 jonathanmetzman

Do we still want to land this?

I don't remember why we give up on merging this exactly, but I suppose it can be a good example to show our sanitizer not only works on C/C++? If there is no objection, I am happy to move it to the new dir, address the comments, and merge.

DonggeLiu avatar Sep 19 '22 00:09 DonggeLiu

Do we still want to land this?

I don't remember why we give up on merging this exactly, but I suppose it can be a good example to show our sanitizer not only works on C/C++? If there is no objection, I am happy to move it to the new dir, address the comments, and merge.

No objection. I'll just point out though that ExecSan is broken in OSS-Fuzz because of pyinstaller.

jonathanmetzman avatar Sep 19 '22 11:09 jonathanmetzman

I think the reason we decided against this was the root cause of this vuln wasn't really realistic. We can just drop this at this point I reckon.

oliverchang avatar Sep 20 '22 01:09 oliverchang