[llvm-bugs] Issue 3727 in oss-fuzz: llvm/llvm-special-case-list-fuzzer: Global-buffer-overflow in p_bracket

k… via monorail via llvm-bugs llvm-bugs at lists.llvm.org
Mon Oct 23 22:41:12 PDT 2017


Comment #3 on issue 3727 by kcc at google.com: llvm/llvm-special-case-list-fuzzer: Global-buffer-overflow in p_bracket
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3727#c3

Of course, this is just regexp:
==1==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000006a18bc at pc 0x00000057f8e9 bp 0x7ffc38c8faf0 sp 0x7ffc38c8fae8
READ of size 1 at 0x0000006a18bc thread T0
SCARINESS: 12 (1-byte-read-global-buffer-overflow)
    #0 0x57f8e8 in p_b_coll_elem /src/llvm/lib/Support/regcomp.c:889:42
    #1 0x57f8e8 in p_b_eclass /src/llvm/lib/Support/regcomp.c:848
    #2 0x57f8e8 in p_b_term /src/llvm/lib/Support/regcomp.c:783
    #3 0x57f8e8 in p_bracket /src/llvm/lib/Support/regcomp.c:698
    #4 0x56d884 in p_ere_exp /src/llvm/lib/Support/regcomp.c:377:3
    #5 0x56d884 in p_ere /src/llvm/lib/Support/regcomp.c:277
    #6 0x56e1fb in p_ere_exp /src/llvm/lib/Support/regcomp.c:331:4
    #7 0x56e1fb in p_ere /src/llvm/lib/Support/regcomp.c:277
    #8 0x56b074 in llvm_regcomp /src/llvm/lib/Support/regcomp.c:232:3
    #9 0x56a6dd in llvm::Regex::Regex(llvm::StringRef, unsigned int) /src/llvm/lib/Support/Regex.cpp:34:11

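The report quoted in the comment is a symbolized AddressSanitizer trace, and the mail archive has wrapped two of its lines. As an added example (not part of the llvm-bugs message, of OSS-Fuzz, or of LLVM), here is a small Python triage parser that rejoins the wrapped lines, extracts the error kind, access and stack frames, and groups frames that share a program counter. Frames #0 to #3 all sit at 0x57f8e8, which is how inlining shows up in a symbolized trace: p_b_coll_elem, p_b_eclass and p_b_term were inlined into p_bracket, so the crash is one machine frame deep inside p_bracket even though the trace lists four functions. The report text embedded in the block is a constructed copy of the one in the message; the function and field names are this example's own.

```python
import re

# Constructed sample: the AddressSanitizer report quoted in the llvm-bugs
# message, including the two line wraps the mail archive introduced, so the
# parser has to rejoin them before matching.
ASAN_REPORT = """\
==1==ERROR: AddressSanitizer: global-buffer-overflow on address
0x0000006a18bc at pc 0x00000057f8e9 bp 0x7ffc38c8faf0 sp 0x7ffc38c8fae8
READ of size 1 at 0x0000006a18bc thread T0
SCARINESS: 12 (1-byte-read-global-buffer-overflow)
    #0 0x57f8e8 in p_b_coll_elem /src/llvm/lib/Support/regcomp.c:889:42
    #1 0x57f8e8 in p_b_eclass /src/llvm/lib/Support/regcomp.c:848
    #2 0x57f8e8 in p_b_term /src/llvm/lib/Support/regcomp.c:783
    #3 0x57f8e8 in p_bracket /src/llvm/lib/Support/regcomp.c:698
    #4 0x56d884 in p_ere_exp /src/llvm/lib/Support/regcomp.c:377:3
    #5 0x56d884 in p_ere /src/llvm/lib/Support/regcomp.c:277
    #6 0x56e1fb in p_ere_exp /src/llvm/lib/Support/regcomp.c:331:4
    #7 0x56e1fb in p_ere /src/llvm/lib/Support/regcomp.c:277
    #8 0x56b074 in llvm_regcomp /src/llvm/lib/Support/regcomp.c:232:3
    #9 0x56a6dd in llvm::Regex::Regex(llvm::StringRef, unsigned int)
/src/llvm/lib/Support/Regex.cpp:34:11
"""

HEADER_RE = re.compile(
    r"^==\d+==ERROR: AddressSanitizer: (?P<kind>[\w-]+) on address "
    r"(?P<addr>0x[0-9a-f]+) at pc (?P<pc>0x[0-9a-f]+)")
ACCESS_RE = re.compile(
    r"^(?P<op>READ|WRITE) of size (?P<size>\d+) at (?P<addr>0x[0-9a-f]+) "
    r"thread (?P<thread>T\d+)")
# Symbolized frame: "#N 0xPC in function file:line[:col]". The function name
# may contain spaces (C++ signatures), so it is matched non-greedily.
FRAME_RE = re.compile(
    r"^#(?P<n>\d+) (?P<pc>0x[0-9a-f]+) in (?P<func>.+?) "
    r"(?P<file>\S+?):(?P<line>\d+)(?::(?P<col>\d+))?$")


def _logical_lines(text):
    """Rejoin lines that a mail client or archive wrapped: a physical line
    that does not start a known report element is appended to the previous
    logical line."""
    out = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        starts_element = (line.startswith("==") or line.startswith("#")
                          or line.startswith("SCARINESS")
                          or ACCESS_RE.match(line) is not None)
        if out and not starts_element:
            out[-1] += " " + line
        else:
            out.append(line)
    return out


def parse_asan_report(text):
    """Extract the fields a triager needs from a symbolized ASan report."""
    report = {"frames": []}
    for line in _logical_lines(text):
        m = HEADER_RE.match(line)
        if m:
            report.update(kind=m["kind"], address=int(m["addr"], 16),
                          pc=int(m["pc"], 16))
            continue
        m = ACCESS_RE.match(line)
        if m:
            report.update(op=m["op"], size=int(m["size"]), thread=m["thread"])
            continue
        m = FRAME_RE.match(line)
        if m:
            report["frames"].append({
                "n": int(m["n"]), "pc": int(m["pc"], 16), "func": m["func"],
                "file": m["file"], "line": int(m["line"]),
                "col": int(m["col"]) if m["col"] else None})
    return report


def inlined_groups(frames):
    """Group consecutive frames that share a program counter. The symbolizer
    emits one entry per inlined call site, so frames with the same pc are a
    single machine-level frame; the last entry of each group is the function
    that actually owns the stack frame."""
    groups = []
    for f in frames:
        if groups and groups[-1][-1]["pc"] == f["pc"]:
            groups[-1].append(f)
        else:
            groups.append([f])
    return groups


def triage_summary(report):
    """One-line summary of the kind used as a bug title or dedup key."""
    top = report["frames"][0]
    return (f"{report['kind']}: {report['op']} of size {report['size']} "
            f"in {top['func']} ({top['file']}:{top['line']})")


if __name__ == "__main__":
    rep = parse_asan_report(ASAN_REPORT)
    print(triage_summary(rep))
    for group in inlined_groups(rep["frames"]):
        names = " <- ".join(f["func"] for f in group)
        print(f"pc {group[-1]['pc']:#x}: {names}")
```

The grouping step is the useful part for dedup: two fuzzer crashes whose inlined callees differ but whose outermost frame per pc group is the same are usually the same bug, and a dedup key built from the group tails (p_bracket, p_ere, p_ere, llvm_regcomp, llvm::Regex::Regex) is more stable across compiler versions than one built from frame #0 alone.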