Path: csiph.com!xmission!news.glorb.com!usenet.stanford.edu!not-for-mail From: Bob Proulx Newsgroups: gnu.bash.bug Subject: Re: 4-byte script triggers null ptr deref and segfault Date: Thu, 17 Sep 2015 17:08:57 -0600 Lines: 18 Approved: bug-bash@gnu.org Message-ID: References: <20150917172017.GC25574@eeg.ccf.org> NNTP-Posting-Host: lists.gnu.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: usenet.stanford.edu 1442531346 12259 208.118.235.17 (17 Sep 2015 23:09:06 GMT) X-Complaints-To: action@cs.stanford.edu To: bug-bash@gnu.org Envelope-to: bug-bash@gnu.org Mail-Followup-To: bug-bash@gnu.org Content-Disposition: inline In-Reply-To: <20150917172017.GC25574@eeg.ccf.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 216.17.153.58 X-BeenThere: bug-bash@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Bug reports for the GNU Bourne Again SHell List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Xref: csiph.com gnu.bash.bug:11499 Greg Wooledge wrote: > Brian Carpenter wrote: > > While fuzzing GNU bash version 4.3.42(1)-release > > (x86_64-unknown-linux-gnu) with AFL(http://lcamtuf.coredump.cx/afl), I > > stumbled upon a 4-byte 'script' that triggers a null ptr deref and causes a > > segfault. > > > > https://savannah.gnu.org/support/index.php?108885 > > Well, that's an annoying web-to-mail interface. It didn't include the > full bug report? There is no web-to-mail interface. The above was simply an email from Brian citing the bug report he filed above. He filed a ticket on the web site and then mailed a reference to it here. Bob