A Segmentation fault in cosprim.hh:49:13 #482
Comments
Thanks. What is the actual compiled DSP source code?

I put the POC in the attached file; it is something like: It might not be valid, and is produced by random mutation.

Thanks, this is indeed a known problem when language keywords are used in labels. Out of curiosity: what is this "produced by random mutation" idea or project? Thanks.

It is produced by the fuzzing technique; the most popular tool implementing such a technique is AFL.

Interesting. Do you actually use APL to test Faust? Or any other fuzzing tool? In any case, assuming this is public, I would be interested to see the code.

I use my own tool, and it is not currently publicly available. But my tool shares similar mutation operations with AFL; you can just read the code of AFL if you are interested in it.

CVE-2021-32275 was assigned to this issue.
System info
Ubuntu x86_64, clang 6.0, faust (latest master c236d2)
Configure
cmake . -DCMAKE_CXX_FLAGS="-fsanitize=address -g" -DCMAKE_C_FLAGS="-fsanitize=address -g" -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address" -DINCLUDE_STATIC=on -DINCLUDE_HTTP=off -DINCLUDE_OSC=off
Command line
./build/bin/faust -lang ocpp -o /tmp/faust -e -lcc -exp10 -lb -rb -mem -sd @@
AddressSanitizer output
POC
SEGV-computeSigOutput-cosprim-49.zip