Stack seems smashed with large image inside table #8
Comments
Feel free to let me know if you cannot reproduce this issue. I could try to find a more reliable input. P.S. No hurry, I am not pushing you. Just a friendly offer of help if needed.
Unreproducible for my environment with a casual try.
While I have seen lots of crashes with table colspan (actually, they are the majority of crashes), I cannot always reproduce them. They seem sensitive to environment variables, compiler options, etc. With some environments, I can always reproduce the crash. But it may not crash anymore if the env changes. I will try to produce a reliable case. In the meantime, maybe you could fix #16. I hope fixing it will reduce the non-deterministic factor.
Fixed by #19
Origin: #19 Bug-Debian: #8 [CVE-2016-9422]
How to reproduce
The behavior is not stable. w3m sometimes crashes and sometimes doesn't.
Usually it just segfaults, and sometimes the stack protector says the stack was smashed.
I haven't debugged it, so I don't know why it's unstable or how the stack was smashed. Following are my steps to compile w3m:
This is found by afl-fuzz.