Hi,

On Mon, 30 Jul 2018, John Scott wrote:
> I fuzzed tcc for several hours and found some issues. I'm not familiar with tcc's code and can't be of much help in resolving these, but they do affect both 0.9.27 and the latest Git version, so I hope to bring awareness to these bugs.
Well, in reality it's just a misplaced diagnostic; it's invalid source code and tcc rejects it. But I guess emitting a proper error message earlier is nicer. Fixed in mob, thanks for the report (don't waste too much time on fuzzing TCC though; it's generally more useful to test how TCC fares on real-world code, not on fuzzed garbage claiming to be C code).
> Meanwhile, attempting to preprocess `##include<` in a C source file causes tcc to hang and consume arbitrarily large amounts of memory.
Can't reproduce this with mob, though:

% cat fuzz2.c
##include<
% ./tcc -E fuzz2.c
# 1 "fuzz2.c"
# 1 "/usr/local/lib/tcc/include/" 1
# 1 "fuzz2.c" 2

(using -c works as well, just to be sure).

Ciao,
Michael.
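An added reproduction harness for the hang and memory-exhaustion report above; it is not part of the thread or of the tinycc project. It runs the preprocessor on the constructed `##include<` input under a wall-clock limit and an address-space cap, so a regression check fails cleanly instead of hanging or swapping the machine; the `run_bounded` and `make_repro` names, the limits and the exit-code mapping are assumptions.

```shell
#!/bin/sh
# Bounded-run harness (added example, not tinycc's own tooling).
# Runs a command under a wall-clock limit and a virtual-memory cap and
# classifies the outcome so a CI job can fail on a hang or a runaway
# allocation instead of blocking forever.
#
# Usage: run_bounded <timeout_seconds> <vmem_kb> <command...>
# Prints one of: ok | rejected | timeout | killed
run_bounded() {
    secs="$1"; vmem_kb="$2"; shift 2
    status=0
    # ulimit -v caps the address space so an unbounded allocation fails
    # with ENOMEM; timeout(1) from coreutils kills a process that hangs.
    (ulimit -v "$vmem_kb" 2>/dev/null; timeout "$secs" "$@" >/dev/null 2>&1) \
        || status=$?
    case "$status" in
        0)   echo ok ;;          # finished normally
        124) echo timeout ;;     # timeout(1) had to kill it: the hang case
        137) echo killed ;;      # SIGKILL, e.g. from the OOM killer
        *)   echo rejected ;;    # non-zero exit: the compiler diagnosed an error
    esac
}

# Constructed reproducer from the thread: the bare token sequence "##include<".
make_repro() {
    printf '##include<\n' > "$1"
}

# Stand-alone use: ./harness.sh --tcc
# 10 s wall clock, 512 MB address space, preprocess only as in the report.
if [ "${1-}" = "--tcc" ]; then
    make_repro fuzz2.c
    run_bounded 10 524288 tcc -E fuzz2.c
fi
```

A result of `timeout` or `killed` on `tcc -E fuzz2.c` reproduces the report; `rejected` or `ok` is the behaviour described for mob.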
