- Subject: Re: heap-buffer-overflow in luaH_getshortstr
- From: Roberto Ierusalimschy <roberto@...>
- Date: Wed, 23 Feb 2022 10:48:03 -0300
> I found this bug doing some experiments with afl++. It's strange that it
> was not found by oss-fuzz project.
Its behavior is weird. A simple "local _ENV <const> = 0; X = 0" is
enough to trigger the bug, as it violates an assertion. With assertions
off (the default), however, it is very difficult to create a scenario
that causes a seg. fault. Even your example does not cause a seg. fault
when I use it under valgrind.
-- Roberto