Stack-buffer-overflow in abcm2ps at music:298

[irfanariq]

Hello,

We are currently working on fuzz testing feature, and we found a crash on abcm2ps.

The stack traces are as follow:

=================================================================
==30789==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffffffd550 at pc 0x5555555eee99 bp 0x7fffffffd3c0 sp 0x7fffffffd3b0
WRITE of size 8 at 0x7fffffffd550 thread T0
    #0 0x5555555eee98 in set_acc_shft .../abcm2ps-git/music.c:298
    #1 0x5555555eee98 in output_music .../abcm2ps-git/music.c:5098
    #2 0x5555555fb1d8 in generate .../abcm2ps-git/parse.c:1042
    #3 0x5555555fc259 in gen_ly .../abcm2ps-git/parse.c:1063
    #4 0x55555560ad40 in do_tune .../abcm2ps-git/parse.c:3647
    #5 0x55555558b2b8 in abc_eof .../abcm2ps-git/abcparse.c:202
    #6 0x5555555cf21e in frontend .../abcm2ps-git/front.c:906
    #7 0x555555588734 in treat_file .../abcm2ps-git/abcm2ps.c:240
    #8 0x555555586fdd in main .../abcm2ps-git/abcm2ps.c:1041
    #9 0x7ffff66aabf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #10 0x555555587829 in _start (.../abcm2ps-git/install_asan/bin/abcm2ps+0x33829)

Here is the full stack trace :
stacktrace_abcm2ps_2.zip

Step to reproduce

We configured abcm2ps using CFLAGS="-g -O0 -fsanitize=address" LDFLAGS="-g -O0 -fsanitize=address" ./configure --disable-shared and built in using make -j10; make install, and run it with:

./abcm2ps <attached file> -O /dev/null

Attachment:
input_abcm2ps_2.zip

Environment

• OS: Ubuntu 18.04.5 LTS
• GCC version: gcc 7.5.0
• abcm2ps version: latest commit of master branch on git (link)

Thank you.

[moinejf]

The problem should be fixed by the commit 5a6b55f.

[irfanariq]

Yes, I have tried and the problem did not occur anymore. I will close the issue.