478597b9f9
Found by fuzzer:
ERROR: AddressSanitizer: SEGV on unknown address 0x602100000455
The signal is caused by a READ memory access.
#0 in blob_check_type blob.c:214:43
#1 in blob_parse_attr blob.c:234:9
#2 in blob_parse_untrusted blob.c:272:12
#3 in fuzz_blob_parse tests/fuzzer/test-blob-parse-fuzzer.c:34:2
#4 in LLVMFuzzerTestOneInput tests/fuzzer/test-blob-parse-fuzzer.c:39:2
Caused by following line:
if (type == BLOB_ATTR_STRING && data[len - 1] != 0)
where len was pointing outside of the data buffer.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
||
|---|---|---|
| .. | ||
| inputs | ||
| CMakeLists.txt | ||
| test_avl.t | ||
| test_base64.t | ||
| test_blob_parse.t | ||
| test_blobmsg.t | ||
| test_jshn.t | ||
| test_json_script.t | ||
| test_list.t | ||
| test_runqueue.t | ||