Bram Moolenaar <b...@moolenaar.net> wrote:

> James McCoy wrote:
>
>> A few issues were reported on RedHat's bug tracker[0] which have been
>> assigned CVE-2017-11109. I took an initial look at them and reduced the
>> fuzzer-created scripts so they're clearer (especially for POC2).
>>
>> [0]: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
>>
>> I've also attached a patch that resolves the issue for POC1. Below are
>> the ASAN tracebacks for each issue, all using 8.0.0702.
>
> I think I fixed POC1, however for POC2 and POC3 I can't really
> see what the problem is. Perhaps it requires ASAN, valgrind won't be
> sufficient?
I can reproduce the errors with POC2 and POC3 with valgrind using:

    valgrind vim -u NONE -e -s -S POC2 -c ':qa!'
    valgrind vim -u NONE -e -s -S POC3 -c ':qa!'

But if you want to use asan, both gcc and clang have had asan for quite a
while now. All that is needed to use asan is to compile and link vim with
-fsanitize=address and then run vim normally. One way is to uncomment this
line in vim/src/Makefile to compile vim with asan:

    #SANITIZER_CFLAGS = -g -O0 -fsanitize=address -fno-omit-frame-pointer

Anyway, asan is not needed in the cases of POC2 or POC3. Asan was needed for
POC1, but this one has been fixed already.

Regards,
Dominique