While using Augeas version 1.14.1, I encountered a segmentation fault caused by a read access violation in the eval_expr function within pathx.c. This issue arises when evaluating certain expressions, potentially leading to a crash.
Steps to Reproduce:
Build Augeas with the OSS-Fuzz configuration.
Execute the following command:
./augeas_api_fuzzer /path/to/crash-input
The content of the crash input file (Base64 encoded):
IHJlZ2V4cCgiWyIpYW5k/w==
ASan Output:
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3567902505
INFO: Loaded 1 modules (16637 inline 8-bit counters): 16637 [0x56382e895590, 0x56382e89968d),
INFO: Loaded 1 PC tables (16637 PCs): 16637 [0x56382e899690,0x56382e8da660),
./augeas_api_fuzzer: Running 1 inputs 1 time(s) each.
Running: /path/to/crash-input
AddressSanitizer:DEADLYSIGNAL
=================================================================
==80175==ERROR: AddressSanitizer: SEGV on unknown address 0x50340000a4dc (pc 0x56382e6f9d79 bp 0x7ffc9d068290 sp 0x7ffc9d0681c0 T0)
==80175==The signal is caused by a READ memory access.
#0 0x56382e6f9d79 in eval_expr /src/augeas/src/pathx.c:1517:31
#1 0x56382e6f90cc in eval_binary /src/augeas/src/pathx.c:1164:5
#2 0x56382e6f90cc in eval_expr /src/augeas/src/pathx.c:1499:9
#3 0x56382e6e6590 in pathx_eval /src/augeas/src/pathx.c:2869:5
#4 0x56382e6e6590 in pathx_symtab_define /src/augeas/src/pathx.c:3159:13
#5 0x56382e6d1a88 in aug_defvar /src/augeas/src/augeas.c:900:18
#6 0x56382e6c9abc in LLVMFuzzerTestOneInput /src/augeas/augeas_api_fuzzer.cc:53:2
#7 0x56382e57e4d0 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:614:13
#8 0x56382e569745 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:327:6
#9 0x56382e56f1df in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:862:9
#10 0x56382e59a482 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#11 0x7f2003fd4082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
#12 0x56382e56192d in _start (/out/augeas_api_fuzzer+0xb792d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/augeas/src/pathx.c:1517:31 in eval_expr
==80175==ABORTING
Additional Information:
Augeas Version: 1.14.1
Affected File: src/pathx.c
Function: eval_expr
Potential Impact:
This segmentation fault can be triggered by untrusted input, which may lead to denial of service or other unintended behavior.
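A triage example added here, not part of the original report or of the Augeas project: it decodes the crash input quoted above and derives a line-number-independent crash bucket from the ASan frames under /src/augeas/. The helper names, the bucket format and the depth of three frames are assumptions made for illustration; the input and trace lines are copied from the report.

```python
import base64
import hashlib
import re

# Values copied from the report above (SEGV header and frames #0-#7).
CRASH_INPUT_B64 = "IHJlZ2V4cCgiWyIpYW5k/w=="
ASAN_REPORT = """\
==80175==ERROR: AddressSanitizer: SEGV on unknown address 0x50340000a4dc (pc 0x56382e6f9d79 bp 0x7ffc9d068290 sp 0x7ffc9d0681c0 T0)
==80175==The signal is caused by a READ memory access.
#0 0x56382e6f9d79 in eval_expr /src/augeas/src/pathx.c:1517:31
#1 0x56382e6f90cc in eval_binary /src/augeas/src/pathx.c:1164:5
#2 0x56382e6f90cc in eval_expr /src/augeas/src/pathx.c:1499:9
#3 0x56382e6e6590 in pathx_eval /src/augeas/src/pathx.c:2869:5
#4 0x56382e6e6590 in pathx_symtab_define /src/augeas/src/pathx.c:3159:13
#5 0x56382e6d1a88 in aug_defvar /src/augeas/src/augeas.c:900:18
#6 0x56382e6c9abc in LLVMFuzzerTestOneInput /src/augeas/augeas_api_fuzzer.cc:53:2
#7 0x56382e57e4d0 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:614:13
"""

# "#N 0xPC in <function> <file>:<line>[:<col>]"; the function may contain spaces.
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (.+) (/\S+?):(\d+)(?::\d+)?$", re.M)

def decode_input(b64):
    """Return the raw bytes the fuzzer harness received."""
    return base64.b64decode(b64)

def project_frames(report, prefix="/src/augeas/"):
    """Frames inside the project tree, as (function, relative path, line)."""
    return [(func, path[len(prefix):], int(line))
            for func, path, line in FRAME_RE.findall(report)
            if path.startswith(prefix)]

def bucket(report, depth=3):
    """Bucket key from fault kind, access type and top frames (assumed scheme).
    Line numbers are left out so the key survives unrelated source edits."""
    kind = re.search(r"AddressSanitizer: (\S+)", report).group(1)
    access = re.search(r"caused by a (\w+) memory access", report)
    parts = [kind, access.group(1) if access else "?"]
    parts += [f"{func}@{path}" for func, path, _ in project_frames(report)[:depth]]
    key = "|".join(parts)
    return key, hashlib.sha256(key.encode()).hexdigest()[:12]

if __name__ == "__main__":
    print("input bytes:", decode_input(CRASH_INPUT_B64))
    print("faulting frame:", project_frames(ASAN_REPORT)[0])
    print("bucket:", *bucket(ASAN_REPORT))
```
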