Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Buffer overflow in the TexOpen() function #60
While fuzzing OpenDetex with Honggfuzz, I found a buffer overflow in the TexOpen() function, in detex.l.
Attaching a reproducer (gzipped so GitHub accepts it): test01.gz
Issue can be reproduced by running:
A few comments: first of all, this bug happens in the code path where kpathsea is not used (
For a fix, Akira Kakuto from the TeX Live team suggested:
but this is unchecked.
Hope that helps.