Package: patch

patch, fuzzed with lcamtuf's afl, generates a segfault (read access violation).

user@user-box:~ $ gdb /home/user/patch/patch-2.7.1/src/patch
...
Reading symbols from /home/user/patch/patch-2.7.1/src/patch...done.
(gdb) run util.h --input crash.diff
Starting program: /home/user/patch/patch-2.7.1/src/patch util.h --input crash.diff
patching file util.h

Ran out of memory using Plan A -- trying again...

patching file util.h

Program received signal SIGSEGV, Segmentation fault.
0x080636e5 in another_hunk (difftype=NO_DIFF, rev=false) at pch.c:1677
1677        if (! (p_line[0] = savestr (buf))) {
(gdb) print p_line
$1 = (char **) 0x0
(gdb) print p_line[0]
Cannot access memory at address 0x0
(gdb) bt
#0  0x080636e5 in another_hunk (difftype=NO_DIFF, rev=false) at pch.c:1677
#1  0x0804afde in main (argc=2, argv=0xbffff0b4) at patch.c:366
#2  0xb7e2da83 in __libc_start_main (main=0x8049f60 <main>, argc=2,
argv=0xbffff0b4, init=0x80c12a0 <__libc_csu_init>, fini=0x80c1310
<__libc_csu_fini>, rtld_fini=0xb7fed130 <_dl_fini>,
    stack_end=0xbffff0ac) at libc-start.c:287
#3  0x08053431 in _start ()
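For triage of fuzzer output like the session above, the useful first step is to turn the gdb text into a structured record: the signal, the faulting frame, and a short signature for de-duplicating crashes before anyone reads them by hand. The script below is an added example, not part of the bug report or of GNU patch; it embeds a constructed copy of the gdb session from this report (with the mail line-wrapping joined) and extracts the frames with a regular expression written for C-style gdb frames. It also records the evidence the report gives for a NULL dereference: a pointer printed as 0x0 followed by "Cannot access memory at address 0x0".

```python
"""Parse a gdb crash session into a structured triage record.

Added example; not code from the bug report or from GNU patch. It operates
on a constructed copy of the gdb output quoted in the report and builds a
crash signature of the form  SIGNAL@function(file:line) <- caller  that can
serve as a de-duplication key for fuzzer crashes.
"""
import re

# Constructed copy of the session from the report (mail wrapping joined).
GDB_SESSION = """\
patching file util.h

Ran out of memory using Plan A -- trying again...

patching file util.h

Program received signal SIGSEGV, Segmentation fault.
0x080636e5 in another_hunk (difftype=NO_DIFF, rev=false) at pch.c:1677
1677        if (! (p_line[0] = savestr (buf))) {
(gdb) print p_line
$1 = (char **) 0x0
(gdb) print p_line[0]
Cannot access memory at address 0x0
(gdb) bt
#0  0x080636e5 in another_hunk (difftype=NO_DIFF, rev=false) at pch.c:1677
#1  0x0804afde in main (argc=2, argv=0xbffff0b4) at patch.c:366
#2  0xb7e2da83 in __libc_start_main (main=0x8049f60 <main>, argc=2, argv=0xbffff0b4, init=0x80c12a0 <__libc_csu_init>, fini=0x80c1310 <__libc_csu_fini>, rtld_fini=0xb7fed130 <_dl_fini>, stack_end=0xbffff0ac) at libc-start.c:287
#3  0x08053431 in _start ()
"""

SIGNAL_RE = re.compile(r"^Program received signal (\w+)")
# C-style gdb frame: "#N  [0xADDR in ]func (args)[ at file:line]"
FRAME_RE = re.compile(
    r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\w+) \((.*?)\)(?: at ([^:\s]+):(\d+))?\s*$"
)
# A gdb "print" result whose value is a NULL pointer, e.g. "$1 = (char **) 0x0"
NULL_PRINT_RE = re.compile(r"^\$\d+ = \([^)]*\) 0x0$")


def parse_signal(text):
    """Return the signal name gdb reported, or None if no signal line exists."""
    for raw in text.splitlines():
        m = SIGNAL_RE.match(raw)
        if m:
            return m.group(1)
    return None


def parse_frames(text):
    """Return backtrace frames as dicts: depth, function, args, file, line.

    Frames without debug info (e.g. _start) get file=None and line=None."""
    frames = []
    for raw in text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if not m:
            continue
        depth, func, args, path, line = m.groups()
        frames.append({
            "depth": int(depth),
            "function": func,
            "args": args,
            "file": path,
            "line": int(line) if line else None,
        })
    return frames


def null_deref_evidence(text):
    """True when the session shows a pointer printed as 0x0 and a
    'Cannot access memory at address 0x0' error, i.e. a NULL dereference."""
    lines = text.splitlines()
    saw_null = any(NULL_PRINT_RE.match(l) for l in lines)
    saw_fault = any(l.startswith("Cannot access memory at address 0x0") for l in lines)
    return saw_null and saw_fault


def crash_signature(text, depth=2):
    """Build a de-dup key from the signal and the top `depth` frames that
    carry a source location, skipping frames with no file information."""
    sig = parse_signal(text) or "UNKNOWN"
    located = [f for f in parse_frames(text) if f["file"]]
    parts = ["%s(%s:%d)" % (f["function"], f["file"], f["line"])
             for f in located[:depth]]
    return sig + "@" + " <- ".join(parts)


def triage(text):
    """Summarise one gdb session as a dict suitable for a crash database."""
    return {
        "signal": parse_signal(text),
        "signature": crash_signature(text),
        "null_dereference": null_deref_evidence(text),
        "frames": parse_frames(text),
    }


if __name__ == "__main__":
    record = triage(GDB_SESSION)
    print(record["signature"])
    print("NULL dereference evidence:", record["null_dereference"])
```

Run on the session above this yields the key SIGSEGV@another_hunk(pch.c:1677) <- main(patch.c:366), and flags the crash as a NULL dereference because p_line printed as 0x0 immediately before the failed read. Grouping afl's crash directory by this key separates distinct bugs from repeated hits of the same one; the depth parameter trades precision (more frames) against robustness to different entry paths reaching the same faulting line.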

Attachment: crash.tar.gz
Description: GNU Zip compressed data
