When the following mruby code is executed with mruby in version 137aa18006410365769f91110eb96d7d121c423f, mruby crashes because of a segmentation violation:
```ruby
#This input causes mruby to crash
#this bug was found using nautilus 2.0: https://github.com/nautilus-fuzz/nautilus
b=0
c={1=>1, 2=>"foo", "foo"=>nil, nil=> nil}
d = c.collect(){|c| d = c.collect(){|| b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
b = methods.sample(){|| }
}
}
c = rand.method(b,){|| }
d = c.call(){|| }
```
ASAN output:
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==84518==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x564462f04eb2 bp 0x7ffe3fe42330 sp 0x7ffe3fe42270 T0)
==84518==The signal is caused by a READ memory access.
==84518==Hint: address points to the zero page.
    #0 0x564462f04eb1 in mrb_local_variables (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x15eeb1)
    #1 0x564462e7ff4f in mrb_funcall_with_block (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0xd9f4f)
    #2 0x564462f4c57d in mcall (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x1a657d)
    #3 0x564462f4c9f0 in method_call (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x1a69f0)
    #4 0x564462e8ee7d in mrb_vm_exec (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0xe8e7d)
    #5 0x564462e84006 in mrb_vm_run (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0xde006)
    #6 0x564462eb740a in mrb_top_run (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x11140a)
    #7 0x564462e76ac7 in mrb_load_exec (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0xd0ac7)
    #8 0x564462e76bfc in mrb_load_file_cxt (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0xd0bfc)
    #9 0x564462dd9a51 in main (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x33a51)
    #10 0x7f76a40581e2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x271e2)
    #11 0x564462dd710d in _start (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x3110d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/fuzzing/targets/binary_backups/mruby_current_ASAN_no_instrumentation+0x15eeb1) in mrb_local_variables
==84518==ABORTING
```