I ran the shell through the afl++ fuzzer, and it split out a few different
ASAN failures for simple inputs:
heap-buffer-overflow:
$ toybox sh -c '$'
$ toybox sh -c '+()'
$ toybox sh -c '<<0;0'
$ toybox sh -c '{$,}'
floating-point-exception:
$ toybox sh -c '((0%0))'
Also found some ASAN failures on the vi command.
heap-buffer-overflow:
$ echo p > input; toybox vi -s input ascii.txt
stack-buffer-overflow:
$ echo s000000000000000 > input; toybox vi -s input ascii.txt
-Eric
_______________________________________________
Toybox mailing list
[email protected]
http://lists.landley.net/listinfo.cgi/toybox-landley.net
