Re: Found heap-buffer-overflow with grammar-based fuzzer

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

• Subject: Re: Found heap-buffer-overflow with grammar-based fuzzer
• From: Javier Guerra Giraldez <javier@...>
• Date: 2023年3月15日 18:55:17 +0000

---

On 2023年3月15日 at 16:01, Betka, Maik
<maik.betka@iste.uni-stuttgart.de> wrote:
> return utf8.dump (load (string.dump (function (...) return (((1.8e-2)//(function (table) if ((0.0e-1)//(function (table) if ((0.0e-0)+coroutine) then
this part is suspicious:
.... load (string.dump(function .....
there's no guarantee against loading arbitrary bytecode; which is
exactly what this snipped does.
-- 
Javier

---

• Follow-Ups:
  • Re: Found heap-buffer-overflow with grammar-based fuzzer, Roberto Ierusalimschy

• References:
  • Found heap-buffer-overflow with grammar-based fuzzer, Betka, Maik

• Prev by Date: Re: Entropy in the implementation of Lua
• Next by Date: Re: Found heap-buffer-overflow with grammar-based fuzzer
• Previous by thread: Found heap-buffer-overflow with grammar-based fuzzer
• Next by thread: Re: Found heap-buffer-overflow with grammar-based fuzzer
• Index(es):
  • Date
  • Thread