tinytoml
stack-overflow in parse_file
I use AFL when fuzzing and got some crashes.
The details follow.
==3780==ERROR: LeakSanitizer: detected memory leaks
AddressSanitizer:DEADLYSIGNAL
==18948==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc3803dbc8 (pc 0x0000004982e9 bp 0x7ffc3803e410 sp 0x7ffc3803dbd0 T0)
    #0 0x4982e9 in __asan_memcpy (/home/yzy/fuzzsoftware/tinytoml/out/Debug/parse_file+0x4982e9)
    #1 0x4e9c11 in toml::internal::Token::operator=(toml::internal::Token&&) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:270:7
    #2 0x4e9c11 in toml::internal::Parser::nextValue() /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:347:31
    #3 0x4e9c11 in toml::internal::Parser::consumeForValue(toml::internal::TokenType) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:1740:9
    #4 0x4eb186 in toml::internal::Parser::parseArray(toml::Value*) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:1966:10
    #5 0x4ea364 in toml::internal::Parser::parseValue(toml::Value*) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:1919:16
    #6 0x4eb4b2 in toml::internal::Parser::parseArray(toml::Value*) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:1978:14
    #7 0x4ea364 in toml::internal::Parser::parseValue(toml::Value*) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:1919:16
    #8 0x4eb4b2 in toml::internal::Parser::parseArray(toml::Value*) /home/yzy/fuzzsoftware/tinytoml/src/../include/toml/toml.h:1978:14

SUMMARY: AddressSanitizer: stack-overflow (/home/yzy/fuzzsoftware/tinytoml/out/Debug/parse_file+0x4982e9) in __asan_memcpy
==18948==ABORTING
POC
Command
tinytoml/out/Debug/parse_file ./POC
Environment
Ubuntu 20.04
Clang 10.0.1
tinytoml version: https://github.com/mayah/tinytoml/commit/ea34092df86a50284abddd915e399374c44ace11
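The trace shows parseValue and parseArray calling each other once per nesting level, so input nested deeper than the thread's stack allows ends in a stack-overflow rather than a parse error. The standard mitigation for a recursive-descent parser is an explicit depth counter that turns excessive nesting into an ordinary failure. The following is an added, self-contained illustration and is not tinytoml's code: a minimal parser for nested integer arrays with the same parseValue/parseArray recursion shape, plus a hypothetical maxDepth limit (tinytoml has no such option; the name, the default of 64 and the test inputs are all constructed for this example).

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <utility>
#include <vector>

// Minimal recursive-descent parser for nested arrays of integers, e.g. "[[1,2],[3]]".
// It mirrors the parseValue -> parseArray -> parseValue recursion seen in the
// ASan trace, but carries a nesting-depth counter so pathological input is
// rejected with a parse error instead of exhausting the stack.

struct Node {
    bool isArray = false;
    long number = 0;
    std::vector<Node> items;
};

class Parser {
public:
    // maxDepth is a hypothetical limit chosen for this example.
    explicit Parser(const std::string& input, size_t maxDepth = 64)
        : src_(input), maxDepth_(maxDepth) {}

    // Returns true and fills *out on success; false with error() set otherwise.
    bool parse(Node* out) {
        skipSpaces();
        if (!parseValue(out, 0)) return false;
        skipSpaces();
        if (pos_ != src_.size()) { error_ = "trailing characters"; return false; }
        return true;
    }

    const std::string& error() const { return error_; }

private:
    bool parseValue(Node* out, size_t depth) {
        if (pos_ >= src_.size()) { error_ = "unexpected end of input"; return false; }
        if (src_[pos_] == '[') return parseArray(out, depth + 1);
        return parseNumber(out);
    }

    bool parseArray(Node* out, size_t depth) {
        // The guard: fail fast instead of recursing without bound.
        if (depth > maxDepth_) { error_ = "nesting too deep"; return false; }
        ++pos_;  // consume '['
        out->isArray = true;
        skipSpaces();
        if (pos_ < src_.size() && src_[pos_] == ']') { ++pos_; return true; }
        for (;;) {
            Node item;
            if (!parseValue(&item, depth)) return false;
            out->items.push_back(std::move(item));
            skipSpaces();
            if (pos_ >= src_.size()) { error_ = "unterminated array"; return false; }
            if (src_[pos_] == ',') { ++pos_; skipSpaces(); continue; }
            if (src_[pos_] == ']') { ++pos_; return true; }
            error_ = "expected ',' or ']'";
            return false;
        }
    }

    bool parseNumber(Node* out) {
        size_t start = pos_;
        if (pos_ < src_.size() && src_[pos_] == '-') ++pos_;
        while (pos_ < src_.size() && src_[pos_] >= '0' && src_[pos_] <= '9') ++pos_;
        if (pos_ == start || (pos_ == start + 1 && src_[start] == '-')) {
            error_ = "expected a number";
            return false;
        }
        out->number = std::stol(src_.substr(start, pos_ - start));
        return true;
    }

    void skipSpaces() { while (pos_ < src_.size() && src_[pos_] == ' ') ++pos_; }

    std::string src_;
    size_t pos_ = 0;
    size_t maxDepth_;
    std::string error_;
};

// Returns "" when input parses, otherwise the parser's error message. A fuzz
// harness can use this to tell "rejected" from "crashed".
std::string parseError(const std::string& input, size_t maxDepth = 64) {
    Parser p(input, maxDepth);
    Node root;
    return p.parse(&root) ? "" : p.error();
}

// Number of top-level items in a well-formed array (0 on any error).
size_t topLevelCount(const std::string& input) {
    Parser p(input);
    Node root;
    if (!p.parse(&root) || !root.isArray) return 0;
    return root.items.size();
}

int main() {
    // Constructed inputs: a small valid array and one nested far beyond the limit.
    std::cout << "valid: '" << parseError("[[1, 2], [3], []]") << "'\n";
    std::cout << "deep:  '" << parseError(std::string(10000, '[')) << "'\n";
    return 0;
}
```

With the guard in place the deeply nested input stops at depth 65 with "nesting too deep"; without it the same recursion would run until the stack is exhausted, which is exactly what the sanitizer reported. The limit should be well below what the smallest stack the parser can run on supports, and a fuzz target built around parseError will keep finding other issues while no longer tripping on depth.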