
Attempt to index a nil value within parser:parse() call

Open Antwy opened this issue 7 months ago • 0 comments

Hello,

I was playing with a libFuzzer-based Lua fuzzer called luzer and found a crash with the parser:parse() call. The crash occurs when loading the crash-06d2814ffd0a9eb5be1199c7a522337efe29f805.txt file. You can use Docker and the fuzz targets from oss-sydr-fuzz to reproduce the error:

/fuzz/stdin_parse_xml.lua < crash-06d2814ffd0a9eb5be1199c7a522337efe29f805

Stacktrace output:

lua: /usr/local/share/lua/5.1/xmlhandler/tree.lua:84: attempt to index local 'parent' (a nil value)
stack traceback:
	/usr/local/share/lua/5.1/xmlhandler/tree.lua:84: in function 'reduce'
	/usr/local/share/lua/5.1/xmlhandler/tree.lua:154: in function 'endtag'
	/usr/local/share/lua/5.1/XmlParser.lua:335: in function 'parseNormalTag'
	/usr/local/share/lua/5.1/XmlParser.lua:356: in function 'parseTagType'
	/usr/local/share/lua/5.1/XmlParser.lua:428: in function 'parse'
	./oss/stdin_parse_xml.lua:12: in function 'TestOneInput'
	./oss/stdin_parse_xml.lua:17: in main chunk
	[C]: ?

Antwy, Mar 03 '25 13:03