Package: dash
Version: 0.5.10.2-7
dash crashes when checking syntax of a script consisting of a very long
sequence of backticks:
$ printf %09999d | tr 0 '`' | dash -n
Segmentation fault
Valgrind says it's a stack overflow:
Process terminating with default action of signal 11 (SIGSEGV)
Access not within mapped region at address 0xFE33B4C8
Stack overflow in thread #1: can't grow stack to 0xfe33b000
at 0x1180EA: UnknownInlinedFun (string_fortified.h:34)
by 0x1180EA: readtoken1 (parser.c:1377)
Found using American Fuzzy Lop:
http://lcamtuf.coredump.cx/afl/
-- System Information:
Architecture: i386
Versions of packages dash depends on:
ii libc6 2.31-2
ii debianutils 4.11
ii dpkg 1.20.5
ii debconf 1.5.74
--
Jakub Wilk
