Crash when parsing malformed VPACK file #109
Comments
@retpoline : Thanks for the bug report. I fully agree this should be fixed. Will look into it.
@retpoline : I have created a PR with a potential fix for the problem: #110 In addition, is it possible to share your fuzzer code with us? I would like to use it if possible and ideally also integrate it into our testing. Not sure if this is possible, but it would be nice if you could tell me a bit more about the fuzzer. Thanks!
Looks good!
Sure, the fuzzer used was litefuzz -- it's very straightforward to use if you'd like to run it again or try and fuzz out bugs on other binaries.
@retpoline : we'll try to integrate the fuzzer into our testing. Thanks for bringing up the issue!
@retpoline : for info, we tried running litefuzz ourselves, and it produced a few additional issues. These should be fixed via #111.
@jsteemann glad I could get the conversation started! nice work.
Hi folks,
A crash was found while fuzz testing the vpack-to-json binary, which can be triggered via a malformed VPACK file. Although this malformed file only crashes the program as-is, it could potentially be crafted further and create a security issue where these kinds of files would be able to compromise the process's memory by taking advantage of affordances given by memory corruption. It's recommended to harden the code to prevent these kinds of bugs, as it could greatly mitigate this issue and even future bugs.
Link to crash.vpack (size ~1kb): https://ufile.io/80isjc53
debug log