We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I found two strings via fuzzing that crash toml.Decode:
toml.Decode
package main import ( "log" "github.com/BurntSushi/toml" ) var crashes = []string{ `""�`, // panic: runtime error: index out of range `h=0# e="""# n=2# o=""# s=""# ns=0# en=6# y s`, // hangs } type empty struct{} func main() { crashToTest := 0 // crashToTest := 1 o := empty{} if _, err := toml.Decode(crashes[crashToTest], &o); err != nil { log.Fatal(err) } }
""�
panic: runtime error: index out of range [recovered] panic: runtime error: index out of range goroutine 1 [running]: panic(0xcd1c0, 0xc42000a120) /usr/local/Cellar/go/1.7.4_1/libexec/src/runtime/panic.go:500 +0x1a1 github.com/BurntSushi/toml.parse.func1(0xc420043dd0) /path/to/go/src/github.com/BurntSushi/toml/parse.go:46 +0xf9 panic(0xcd1c0, 0xc42000a120) /usr/local/Cellar/go/1.7.4_1/libexec/src/runtime/panic.go:458 +0x243 github.com/BurntSushi/toml.lexValue(0xc420010120, 0xc420043b68) /path/to/go/go/src/github.com/BurntSushi/toml/lex.go:406 +0x3cd github.com/BurntSushi/toml.(*lexer).nextItem(0xc420010120, 0xc420010118, 0x20, 0xc420090000, 0xc420043c30) /path/to/go/go/src/github.com/BurntSushi/toml/lex.go:84 +0x88 github.com/BurntSushi/toml.(*parser).next(0xc420054070, 0xf21d3, 0xc420043c50, 0x5bd4, 0xc3960) /path/to/go/go/src/github.com/BurntSushi/toml/parse.go:75 +0x33 github.com/BurntSushi/toml.(*parser).topLevel(0xc420054070, 0x12, 0xc42000a478, 0x0, 0x1) /path/to/go/go/src/github.com/BurntSushi/toml/parse.go:130 +0x82e github.com/BurntSushi/toml.parse(0xe5c3d, 0x5, 0xc420054070, 0x14f280, 0xc42000a490) /path/to/go/go/src/github.com/BurntSushi/toml/parse.go:62 +0x3f9 github.com/BurntSushi/toml.Decode(0xe5c3d, 0x5, 0xbf0c0, 0x17ccc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...) /path/to/go/go/src/github.com/BurntSushi/toml/decode.go:115 +0x2fa main.main() /tmp/go-toml-fuzz/main.go:27 +0x83 exit status 2
h=0# e="""# n=2# o=""# s=""# ns=0# en=6# y s
hangs forever
The text was updated successfully, but these errors were encountered:
e643e9e
No branches or pull requests
I found two strings via fuzzing that crash
toml.Decode
:""�
h=0# e="""# n=2# o=""# s=""# ns=0# en=6# y s
hangs forever
The text was updated successfully, but these errors were encountered: