Hello, I was using American Fuzzy Lop (afl-fuzz) to fuzz input to the huo program on Linux. Is fixing the crash from this input file something you're interested in? The input file can be found here: https://github.com/rwhitworth/huo-fuzz/tree/master/2017-06-11
Its content is:
[9.;
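The files can be executed as ./huo < id_filename to cause the assertion to fail. As the backtrace below shows, the failing check is the assert `get_token(pos, tokens).type != TOK_DOT` in parse_int (src/parser.c:239), which aborts the process with SIGABRT. Because this is an assert(), a build compiled with NDEBUG would skip the check and keep parsing, so the parser probably needs to reject this input with an ordinary parse error instead.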
Let me know if I can provide any more information to help narrow down this issue.
# ~/huo/huo < id\:000018\,sig\:06\,src\:000191\,op\:havoc\,rep\:2 ; gdb --batch --eval-command=bt ~/huo/huo core | less; rm core
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
Core was generated by `/root/huo/huo'.
Program terminated with signal SIGABRT, Aborted.
#0 0x00007f419bae2067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#0 0x00007f419bae2067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007f419bae3448 in __GI_abort () at abort.c:89
#2 0x00007f419badb266 in __assert_fail_base (fmt=0x7f419bc13f18 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x426df7 "get_token(pos, tokens).type != TOK_DOT", file=file@entry=0x426db8 "src/parser.c", line=line@entry=239, function=function@entry=0x426e1e "huo_ast *parse_int(size_t *, struct Tokens *)") at assert.c:92
#3 0x00007f419badb312 in __GI___assert_fail (assertion=0x426df7 "get_token(pos, tokens).type != TOK_DOT", file=0x426db8 "src/parser.c", line=239, function=0x426e1e "huo_ast *parse_int(size_t *, struct Tokens *)") at assert.c:101
#4 0x0000000000422995 in parse_int (pos=<optimized out>, tokens=<optimized out>) at src/parser.c:239
#5 0x00000000004220a9 in accept (pos=0x7ffcc00be318, tokens=0x7ffcc00be390, ret=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#6 parse_number (pos=0x7ffcc00be318, tokens=0x7ffcc00be390) at src/parser.c:269
#7 0x0000000000422d89 in accept (pos=0x7ffcc00be318, tokens=0x7ffcc00be390, ret=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#8 accept_any (ret=<optimized out>, pos=<optimized out>, tokens=<optimized out>, num_to_accept=<optimized out>, to_accept=<optimized out>) at src/parser.c:109
#9 parse_statement (pos=<optimized out>, tokens=<optimized out>) at src/parser.c:195
#10 accept (ret=<optimized out>, pos=<optimized out>, tokens=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#11 parse_array (pos=0x7ffcc00be318, tokens=0x7ffcc00be390) at src/parser.c:340
#12 0x00000000004216f5 in accept (pos=0x7ffcc00be318, tokens=0x7ffcc00be390, ret=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#13 parse_open_square (pos=0x7ffcc00be318, tokens=0x7ffcc00be390) at src/parser.c:365
#14 0x0000000000421029 in accept (pos=0x7ffcc00be318, tokens=0x7ffcc00be390, ret=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#15 accept_any (ret=<optimized out>, pos=<optimized out>, tokens=<optimized out>, num_to_accept=<optimized out>, to_accept=<optimized out>) at src/parser.c:109
#16 parse_statement (pos=<optimized out>, tokens=<optimized out>) at src/parser.c:195
#17 accept (ret=<optimized out>, pos=<optimized out>, tokens=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#18 parse_main (pos=0x7ffcc00be318, tokens=0x7ffcc00be390) at src/parser.c:157
#19 0x0000000000420a0f in accept (pos=<error reading variable: Cannot access memory at address 0x1a9b9>, tokens=0x7ffcc00be390, ret=<optimized out>, to_accept=<optimized out>) at src/parser.c:60
#20 parse (tokens=0x7ffcc00be390) at src/parser.c:133
#21 0x000000000041c99a in eval (string=<optimized out>, exec_bundle=0x1e4bc20) at src/execution_functions/evaluate.c:18
#22 0x000000000041e29c in apply_single_value_func (kwd_val=<optimized out>, exec_bundle=0x1e4bc20, value=0x7ffcc00be590) at src/apply_single_value_func.c:27
#23 0x00000000004234b7 in execute (exec_bundle=0x1e4bc20) at src/execute.c:73
#24 0x00000000004234a0 in execute (exec_bundle=0x1e4bc20) at src/execute.c:68
#25 0x000000000041ba7d in if_block (exec_bundle=0x1e4bc20) at src/execution_functions/if_block.c:18
#26 0x000000000041d2ad in apply_execution_function (kwd_val=<optimized out>, result=0x7ffcc00bed10, exec_bundle=0x1e4bc20) at src/apply_execution_function.c:33
#27 0x0000000000423230 in execute (exec_bundle=0x1e4bc20) at src/execute.c:47
#28 0x000000000041d773 in apply_execution_function (kwd_val=<optimized out>, result=0x7ffcc00bf180, exec_bundle=0x1e4bc20) at src/apply_execution_function.c:84
#29 0x0000000000423230 in execute (exec_bundle=0x1e4bc20) at src/execute.c:47
#30 0x000000000041c669 in while_loop (exec_bundle=0x1e4bc20) at src/execution_functions/while_loop.c:24
#31 0x000000000041d3fd in apply_execution_function (kwd_val=<optimized out>, result=0x7ffcc00bf690, exec_bundle=0x1e4bc20) at src/apply_execution_function.c:46
#32 0x0000000000423230 in execute (exec_bundle=0x1e4bc20) at src/execute.c:47
#33 0x000000000042481b in main (argc=<optimized out>, argv=<optimized out>) at src/huo.c:131