Dominique wrote:

> Here is another odd case discovered by afl-fuzz
> which causes vim-7.4.725 to access invalid memory:
> 
> $ vim -u NONE \
>    -c 'e ++enc=utf ++bad=keep crash-4' \
>    -c 'call search(getline("."))|q'
> 
> ... where crash4 is the attached file (7 bytes).
> Address sanitizer reports:
> 
> ==25574==ERROR: AddressSanitizer: heap-buffer-overflow on address
> 0x60200001a0b8 at pc 0x7386fe bp 0x7ffebd700e40 sp 0x7ffebd700e38
> READ of size 1 at 0x60200001a0b8 thread T0
>     #0 0x7386fd in get_coll_element /home/pel/sb/vim/src/regexp.c:1160
[...]

> Fixed in attached patch.

Thanks.  Keep them coming! :-)

-- 
How To Keep A Healthy Level Of Insanity:
10. Ask people what sex they are. Laugh hysterically after they answer.

 /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\  an exciting new programming language -- http://www.Zimbu.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///
