Program received signal SIGSEGV, Segmentation fault.
strlen () at ../sysdeps/x86_64/strlen.S:106
106 ../sysdeps/x86_64/strlen.S: No such file or directory.
(gdb) bt
#0 strlen () at ../sysdeps/x86_64/strlen.S:106
#1 0x0000000000479ffe in Strcat_charp (x=0x7f29a0, y=0x500000004 <error: Cannot access memory at address 0x500000004>) at Str.c:217
#2 0x000000000042ea11 in conv_symbol (l=0x7d6c60) at file.c:7614
#3 0x000000000042eb4c in _saveBuffer (buf=0x7d4e00, l=0x7d6c60, f=0x7ffff6ffe400 <_IO_2_1_stdout_>, cont=0) at file.c:7647
#4 0x000000000042eca3 in saveBuffer (buf=0x7d4e00, f=0x7ffff6ffe400 <_IO_2_1_stdout_>, cont=0) at file.c:7668
#5 0x0000000000408002 in do_dump (buf=0x7d4e00) at main.c:1360
#6 0x0000000000407433 in main (argc=5, argv=0x7fffffffcde8, envp=0x7fffffffce18) at main.c:1066
(gdb) frame 2
#2 0x000000000042ea11 in conv_symbol (l=0x7d6c60) at file.c:7614
7614 Strcat_charp(tmp, symbol[(int)c]);
(gdb) p symbol
$1 = (char **) 0x7ccd80
(gdb) p c
$2 = 81 'Q'
symbol is allocated in update_utf8_symbol(). Its size is only 46. So symbol[c] is a heap buffer overflow read.
This was found by afl-fuzz.
input

gdb --args w3m -T text/html -dump file
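The backtrace above shows why the crash lands in strlen(): symbol[(int)c] with c = 81 reads a pointer-sized slot 35 entries past the end of a 46-entry table, and the garbage pointer (0x500000004) is then handed to Strcat_charp(). The following is an added illustration, not w3m's code: a constructed 46-entry lookup table modelled on the report, the unchecked indexing pattern as a reference, and a bounds-checked lookup that returns NULL for any byte outside [0, 46). The unsigned char cast in the checked version is my own choice so that a negative (signed) char also fails the range check rather than indexing before the table; everything else (table contents, function names) is constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Table size taken from the report ("Its size is only 46").
 * The contents are constructed placeholders, not w3m's real symbol strings. */
#define N_SYMBOL 46

static char  symbol_storage[N_SYMBOL][8];
static char *symbol_table[N_SYMBOL];
static int   symbols_ready = 0;

/* Fill the constructed table with "s0".."s45" (hypothetical contents). */
static void init_symbols(void)
{
    for (int i = 0; i < N_SYMBOL; i++) {
        snprintf(symbol_storage[i], sizeof symbol_storage[i], "s%d", i);
        symbol_table[i] = symbol_storage[i];
    }
    symbols_ready = 1;
}

/* Reference only: the unchecked pattern from the report (symbol[(int)c]).
 * For c = 'Q' (81) this reads symbol_table[81], 35 slots past the end, and
 * whatever bytes live there are returned as a char pointer. Do not call it
 * with untrusted input; it is here to show what the checked version replaces. */
const char *symbol_unchecked(char c)
{
    if (!symbols_ready) init_symbols();
    return symbol_table[(int)c];   /* out-of-bounds read when c >= 46 or c < 0 */
}

/* Hardened lookup: widen through unsigned char so a negative char cannot
 * index before the table, then reject anything at or beyond N_SYMBOL. */
const char *symbol_checked(char c)
{
    if (!symbols_ready) init_symbols();
    unsigned int idx = (unsigned char)c;
    if (idx >= N_SYMBOL)
        return NULL;               /* caller must handle "no symbol" */
    return symbol_table[idx];
}

/* 1 if c is a valid table index, 0 otherwise. */
int symbol_index_ok(char c)
{
    return (unsigned char)c < N_SYMBOL;
}

int main(void)
{
    /* Constructed inputs: an in-range index and the 'Q' (81) from the report. */
    const char *ok  = symbol_checked(5);
    const char *bad = symbol_checked('Q');
    printf("symbol[5]   -> %s\n", ok ? ok : "(null)");
    printf("symbol['Q'] -> %s\n", bad ? bad : "(null, rejected by bounds check)");
    return 0;
}
```

Building this (or w3m itself) with -fsanitize=address turns the silent out-of-bounds read in the unchecked variant into an immediate report at the faulting line instead of a later strlen() crash, which is the same class of signal afl-fuzz surfaced here.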