crash report: illegal memory access when parsing invalid xterm font sequence

Kuang-che Wu kcwu at csie.org
Sun Aug 16 19:04:31 CEST 2015


How to reproduce:
using rxvt-unicode 9.21
$ env CC=clang-3.6 CXX=clang++-3.6 CXXFLAGS='-D_FORTIFY_SOURCE=2 -fstack-protector-all -fsanitize=address -g' LDFLAGS=-fsanitize=address ./configure --disable-perl
$ make
$ src/rxvt -e sh -c 'echo -e "\e]50;[]\x9c";sleep 1'
rxvt: unknown parameter '' in font specification, skipping.
=================================================================
==7102==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000006773 at pc 0x0000005711fc bp 0x7ffdebaf0230 sp 0x7ffdebaf0228
READ of size 1 at 0x602000006773 thread T0
....skip

This issue was found by afl-fuzz.