Re: Crash on jobs 2^32-2

2018-07-13 Thread Chet Ramey
On 7/13/18 9:17 AM, isabella parakiss wrote:
> but... 4278190079 != 2^32-2...
> anything above 2^31 will do

Anything that causes atoi() to return a negative number due to overflow.

--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippoc
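The mechanism in this thread (a job number parsed with atoi(), with a guard that only rejects NO_JOB before indexing the job table) shown side by side with a range-checked parse. This is an added example, not bash's code: the job table layout, JOB_SLOTS, and the function names are constructed stand-ins, and NO_JOB is taken from the quoted check.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

#define NO_JOB (-1)          /* the "no such job" sentinel from the quoted check */
#define JOB_SLOTS 8          /* constructed table size; bash grows its table dynamically */

/* Constructed stand-in for a job table: an array of pointers, NULL = empty slot. */
typedef struct { int pid; const char *cmd; } job_t;
static job_t job0 = { 4242, "ls" };
static job_t *jobs[JOB_SLOTS] = { &job0 };

/* Unsafe shape: atoi() with no range check. For a value that does not fit
 * in int the result is undefined by the C standard; 64-bit glibc in practice
 * returns (int)strtol(s, NULL, 10), so "4278190079" (0xFF0000FF) comes back
 * as a negative int, which is the case described in the thread. */
static int unsafe_job_index(const char *s)
{
    return atoi(s);
}

/* The quoted guard only rejects NO_JOB (-1) before jobs[job] is evaluated, so
 * any other negative value, or any value past the end of the table, is
 * dereferenced. This reports whether a given index would be read out of bounds. */
static int guard_lets_bad_index_through(int job)
{
    if (job == NO_JOB)
        return 0;                         /* rejected, never indexed */
    return job < 0 || job >= JOB_SLOTS;   /* would read outside jobs[] */
}

/* Hardened parse: strtol with full error reporting, then a range check
 * against the table before the value is ever used as an index. */
static int safe_job_index(const char *s)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(s, &end, 10);
    if (end == s || *end != '\0')
        return NO_JOB;                    /* empty string or trailing garbage */
    if (errno == ERANGE)
        return NO_JOB;                    /* did not even fit in a long */
    if (v < 0 || v >= JOB_SLOTS)
        return NO_JOB;                    /* negative, or past the table */
    return (int)v;
}

/* Lookup that only indexes after the bounds check has passed. */
static job_t *get_job_checked(const char *s)
{
    int idx = safe_job_index(s);
    if (idx == NO_JOB)
        return NULL;
    return jobs[idx];
}

int main(void)
{
    /* Constructed inputs, including the value from the bug report. */
    const char *inputs[] = { "0", "1", "-1", "7", "8", "2147483648", "4278190079", "1x" };
    size_t i;

    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int raw = unsafe_job_index(inputs[i]);
        printf("%-12s atoi=%-12d reaches-jobs[]-out-of-bounds=%d safe=%d\n",
               inputs[i], raw, guard_lets_bad_index_through(raw),
               safe_job_index(inputs[i]));
    }
    return 0;
}
```

The check on `errno == ERANGE` matters on 32-bit targets, where strtol saturates at LONG_MAX instead of wrapping; on those targets atoi() would return a large positive number rather than a negative one, and only the upper bound check catches it.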

Re: Crash on jobs 2^32-2

2018-07-13 Thread isabella parakiss
but... 4278190079 != 2^32-2...
anything above 2^31 will do

On 7/12/18, Chet Ramey wrote:
> On 7/11/18 9:41 AM, Simon Wörner wrote:
>> Dear all,
>> The following crash was found by a modified
>> version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).
>>
>> The crash can be reproduced by r

Re: Crash on jobs 2^32-2

2018-07-12 Thread Chet Ramey
On 7/11/18 9:41 AM, Simon Wörner wrote:
> Dear all,
> The following crash was found by a modified
> version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).
>
> The crash can be reproduced by running:
> $ ls
> $ jobs 4278190079 # 2^32-2

Thanks, this is another integer overflow issue.

--

Re: Crash on jobs 2^32-2

2018-07-11 Thread Piotr Grzybowski
oh wow, this is nice:

#define get_job_by_jid(ind) (jobs[(ind)])

155 if ((job == NO_JOB) || jobs == 0 || get_job_by_jid (job) == 0)

definitely this if needs looking into.

cheers,
pg

On 11 Jul 2018, at 15:41, Simon Wörner wrote:
> Dear all,
> The following crash was found by a modi

Crash on jobs 2^32-2

2018-07-11 Thread Simon Wörner
Dear all,
The following crash was found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL).

The crash can be reproduced by running:
$ ls
$ jobs 4278190079 # 2^32-2

We can reproduce the crash for
- GNU bash, version 4.4.19(1)-release (x86_64-pc-linux-gnu)
- GNU bash, version 4.4.2