Re: Crash related to mkseq

2018-07-12 Thread Chet Ramey
On 7/11/18 8:59 AM, Simon Wörner wrote:
> Dear all,
> The following crash related to `mkseq` was found by a modified version
> of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).

Thanks for the report. All these cases are the result of the same integer
overflow.

Chet

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://tiswww.cwru.edu/~chet/



Re: Crash related to execute_builtin

2018-07-12 Thread Chet Ramey
On 7/11/18 9:02 AM, Simon Wörner wrote:
> Dear all,
> The following crash related to `execute_builtin` was found by a modified
> version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).

Thanks for the report. I'll take a look.




Re: Crash on jobs 2^32-2

2018-07-12 Thread Chet Ramey
On 7/11/18 9:41 AM, Simon Wörner wrote:
> Dear all,
> The following crash was found by a modified
> version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).
> 
> The crash can be reproduced by running:
> $ ls
> $ jobs 4278190079 # 2^32-2

Thanks, this is another integer overflow issue.





Re: Number with sign is read as octal despite a leading 10#

2018-07-12 Thread Robert Elz
Date: Tue, 10 Jul 2018 18:46:32 -0400
From: Isaac Marcos


  | set -- 34 034 0034 +34 +034 +0034 -34 -034 -0034 ;
  | for i do printf '%6s' "$((10#$i))"; shift; done; echo

You really ought be only using POSIX defined sh operators,
from two more POSIX compatible shells (in this regard...):

jinx$ sh -c 'printf '%6s' "$((10#$i))"'
sh: arithmetic: unexpected '#' (0x23) in expression
jinx$ fbsh !*
fbsh -c 'printf '%6s' "$((10#$i))"'
fbsh: arithmetic expression: expecting EOF: "10#"

Leading "base#" is not part of the sh language at all, and so
should not be expected to work at all, let alone in any particular way.

kre
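
Added example, not part of the message above: a POSIX-only way to get the decimal reading that the quoted test expected from `10#`, by normalising the sign and leading zeros before arithmetic expansion. The helper name `to_dec` and the `demo` wrapper are hypothetical; the input values are the ones from the quoted test.

```shell
# to_dec (hypothetical helper): print a signed, possibly zero-padded
# integer string as plain decimal, using only POSIX sh features.
# Returns 1 for anything that is not [+-]digits, so hex or other
# prefixes are rejected rather than reinterpreted.
to_dec() {
    n=$1
    sign=
    case $n in
        -*) sign=-; n=${n#-} ;;
        +*) n=${n#+} ;;
    esac
    # Reject empty strings and any non-decimal character.
    case $n in
        ''|*[!0-9]*) return 1 ;;
    esac
    # Strip leading zeros so $(( )) cannot read the value as octal.
    while :; do
        case $n in
            0?*) n=${n#0} ;;
            *) break ;;
        esac
    done
    # Normalise "-0" to "0".
    if [ "$n" = 0 ]; then
        sign=
    fi
    printf '%s\n' "$sign$n"
}

# Same values as in the quoted test, run through to_dec instead of 10#.
demo() {
    for i in 34 034 0034 +34 +034 +0034 -34 -034 -0034; do
        printf '%6s' "$(( $(to_dec "$i") ))"
    done
    echo
}

demo
```

Values such as `089`, which an octal reading would reject outright, come out as `89` because the zeros are removed before the shell's arithmetic parser sees them.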