On Thu, Nov 19, 2015 at 07:32:15PM +0100, Jacek Wielemborek wrote:
> Classification: EXPLOITABLE
> Short description: PossibleStackCorruption (7/22)
> gnash::SWFMovieDefinition::read_all_swf(): Assertion `startPos <= _swf_end_pos' failed.
> Aborted (core dumped)

No stack corruption is possible, the assert is there to avoid it.

A more robust parser would throw an exception there rather than abort, but I don't intend to fix any such code unless it comes with an automated test guarding against it breaking again. Are you willing to provide such a new testsuite branch for those cases?

It looks to me that all you need is that base64 string, and an automated tester could run afl-fuzz-parallel for each of the offending strings. Does it make sense? Ideally a crash would be reported against the exact string producing it.

--strk;

_______________________________________________
Gnash-dev mailing list
Gnash-dev@gnu.org
https://lists.gnu.org/mailman/listinfo/gnash-dev
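The distinction drawn above, an assert that aborts on malformed input versus a parser that rejects it with an exception, is illustrated by the following added example. It is not Gnash code and does not use the SWF tag format; the `RecordReader` class, the three-byte record header, the `ParserException` type and the sample byte strings are all constructed for this illustration. The bounds check plays the role of the `startPos <= _swf_end_pos` assertion: a declared length that runs past the end of the buffer is treated as bad input, so the caller gets a catchable error instead of a core dump, and `rejectsCleanly()` is the kind of predicate a regression test can assert on for each offending input.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <stdexcept>
#include <string>
#include <vector>

// Thrown instead of aborting when the input ends before a record is complete.
struct ParserException : std::runtime_error {
    explicit ParserException(const std::string& m) : std::runtime_error(m) {}
};

// Hypothetical record layout (constructed for this example, not the SWF format):
//   1 byte  : record code
//   2 bytes : little-endian payload length
//   N bytes : payload
struct Record {
    uint8_t code;
    std::vector<uint8_t> payload;
};

class RecordReader {
public:
    explicit RecordReader(const std::vector<uint8_t>& buf)
        : _buf(buf), _pos(0), _end_pos(buf.size()) {}

    bool atEnd() const { return _pos >= _end_pos; }

    Record readRecord() {
        // The header must fit before any of it is read.
        require(3, "record header");
        uint8_t code = _buf[_pos];
        size_t len = _buf[_pos + 1] | (static_cast<size_t>(_buf[_pos + 2]) << 8);
        _pos += 3;
        // Equivalent of the startPos <= _end_pos check, but as a recoverable error:
        // a payload length past the end of the buffer is malformed input, not a bug.
        require(len, "record payload");
        Record r{code, std::vector<uint8_t>(_buf.begin() + _pos, _buf.begin() + _pos + len)};
        _pos += len;
        return r;
    }

private:
    // Invariant _pos <= _end_pos holds, so the subtraction cannot underflow.
    void require(size_t n, const char* what) const {
        if (n > _end_pos - _pos)
            throw ParserException(std::string("truncated input while reading ") + what);
    }

    const std::vector<uint8_t>& _buf;
    size_t _pos;
    size_t _end_pos;
};

// Parses every record in the buffer and returns how many were read.
// Throws ParserException on malformed input; never aborts.
size_t readAll(const std::vector<uint8_t>& buf) {
    RecordReader reader(buf);
    size_t count = 0;
    while (!reader.atEnd()) {
        reader.readRecord();
        ++count;
    }
    return count;
}

// Regression-style predicate: true if the input is rejected with a clean
// exception, false if it parses without error.
bool rejectsCleanly(const std::vector<uint8_t>& buf) {
    try {
        readAll(buf);
        return false;
    } catch (const ParserException&) {
        return true;
    }
}

// Constructed sample inputs.
// Two records: code 1 with payload AA BB, then code 2 with an empty payload.
std::vector<uint8_t> wellFormed() { return {0x01, 0x02, 0x00, 0xAA, 0xBB, 0x02, 0x00, 0x00}; }
// Declares a 16-byte payload but only one byte follows the header.
std::vector<uint8_t> truncated() { return {0x01, 0x10, 0x00, 0xAA}; }
// Declares the maximum length with nothing after the header.
std::vector<uint8_t> hugeLength() { return {0x01, 0xFF, 0xFF}; }

int main() {
    std::cout << "well-formed records: " << readAll(wellFormed()) << "\n";
    std::cout << "truncated rejected:  " << rejectsCleanly(truncated()) << "\n";
    std::cout << "huge length rejected: " << rejectsCleanly(hugeLength()) << "\n";
    return 0;
}
```

A test suite built this way can keep one decoded crash input per case and assert `rejectsCleanly()` on it, which is exactly the guard the reply asks for before such an assert is turned into an exception.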