Hi all,

while working on an update for my cvs2fossil tool, I was making some mistakes ^W^W^W fuzzing the output and was able to reliably crash fossil. In rebuild_step, blob_delta_apply is called without checking the return value. If the delta is for some reason valid compressed data, but not a valid delta, it returns directly and leaves next uninitialized. The reassignment in the tail recursion part then corrupts pBase. The only part I'm not sure about is how to best deal with this.
Joerg
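The failure mode described in the message above, sketched as an added example that is not part of the original post and is not Fossil's code: a rebuild loop that checks the delta-apply result before replacing its base. The toy delta format, `buf_t`, `toy_delta_apply` and `rebuild_chain` are hypothetical stand-ins, and stopping at the first bad delta is one possible policy, assumed here.

```c
#include <stddef.h>
#include <string.h>

/* Toy stand-ins, NOT Fossil's code or delta format (assumptions for the demo).
 * Delta records: 'C' off len  -> copy len bytes from base at off
 *                'I' len data -> insert len literal bytes            */
typedef struct { unsigned char data[64]; size_t len; } buf_t;

/* Returns 0 on success, -1 on a malformed delta. On failure *out is left
 * untouched, mirroring the early return described in the post. */
int toy_delta_apply(const buf_t *base, const unsigned char *d, size_t n, buf_t *out)
{
    buf_t tmp = { {0}, 0 };
    size_t i = 0;
    while (i < n) {
        if (d[i] == 'C' && n - i >= 3) {
            size_t off = d[i + 1], len = d[i + 2];
            if (off > base->len || len > base->len - off) return -1;
            if (len > sizeof tmp.data - tmp.len) return -1;
            memcpy(tmp.data + tmp.len, base->data + off, len);
            tmp.len += len; i += 3;
        } else if (d[i] == 'I' && n - i >= 2) {
            size_t len = d[i + 1];
            if (len > n - i - 2 || len > sizeof tmp.data - tmp.len) return -1;
            memcpy(tmp.data + tmp.len, d + i + 2, len);
            tmp.len += len; i += 2 + len;
        } else {
            return -1;                 /* unknown op or truncated record */
        }
    }
    *out = tmp;
    return 0;
}

/* The tail recursion written as a loop. Each result is checked before it
 * replaces the base; on failure the base keeps its last good content. */
int rebuild_chain(buf_t *base, const unsigned char *const *deltas,
                  const size_t *lens, size_t count)
{
    for (size_t k = 0; k < count; k++) {
        buf_t next;                    /* uninitialized until apply succeeds */
        if (toy_delta_apply(base, deltas[k], lens[k], &next) != 0)
            return -1;                 /* never assign next to base here */
        *base = next;
    }
    return 0;
}
```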