
Re: Found heap-buffer-overflow with grammar-based fuzzer



> On 15 March 2023 at 16:01, Betka, Maik
> <maik.betka@iste.uni-stuttgart.de> wrote:
> > return utf8.dump (load (string.dump (function (...) return (((1.8e-2)//(function (table) if ((0.0e-1)//(function (table) if ((0.0e-0)+coroutine) then
> 
> this part is suspicious:
> 
> .... load (string.dump(function .....
> 
> there's no guarantee against loading arbitrary bytecode; which is
> exactly what this snippet does.
That does not seem to be the problem. The error happens when loading
the modified dump, not when running it. Loading binary files should be
resistant to bad data.
-- Roberto
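
The load-time versus run-time distinction discussed above, as an added example that is not part of the original message or of the Lua project's code. It assumes a stock Lua 5.4 interpreter; `load_untrusted` and `classify` are hypothetical helper names, and the samples are constructed.

```lua
-- Added example; assumes a stock Lua 5.4 interpreter.
-- load_untrusted and classify are hypothetical helper names.

-- Compile input from an untrusted source. Mode "t" makes load() refuse
-- anything that starts with the binary-chunk signature, so such input
-- never reaches the bytecode loader. The empty table is the chunk's _ENV.
local function load_untrusted(src, name)
  local fn, err = load(src, name or "=untrusted", "t", {})
  if not fn then
    return nil, err
  end
  return fn
end

-- Report which phase rejected a chunk: load (parse or undump) or run.
local function classify(src)
  local fn, err = load_untrusted(src)
  if not fn then
    return "rejected at load", err
  end
  local ok, rerr = pcall(fn)
  if not ok then
    return "failed at run", rerr
  end
  return "ok"
end

-- Constructed samples.
local text = "return 1 + 1"
local dumped = string.dump(assert(load(text)))  -- valid binary chunk
local samples = {
  { "text chunk",       text },
  { "run-time error",   "return nil + 1" },
  { "syntax error",     "return +" },
  { "binary chunk",     dumped },
  { "truncated binary", dumped:sub(1, #dumped - 3) },
}

for _, s in ipairs(samples) do
  local phase, msg = classify(s[2])
  print(string.format("%-18s %-17s %s", s[1], phase, msg or ""))
end
```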
