[Bug 15652] New: [busybox 1.36.1] heap-use-after-free in tsort
bugzilla at busybox.net
bugzilla at busybox.net
Thu Jun 22 15:22:02 UTC 2023
https://bugs.busybox.net/show_bug.cgi?id=15652
Bug ID: 15652
Summary: [busybox 1.36.1] heap-use-after-free in tsort
Product: Busybox
Version: unspecified
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Other
Assignee: unassigned at busybox.net
Reporter: f.busse at imperial.ac.uk
CC: busybox-cvs at busybox.net
Target Milestone: ---
The following input causes a use-after-free:
$ printf '\x0f\n\xf0\n\xf0\n\x0f' | busybox-1.36.1/bin/busybox tsort
==2165==ERROR: AddressSanitizer: heap-use-after-free on address 0x603000000040
at pc 0x560d7ee21afd bp 0x7fff70e3f840 sp 0x7fff70e3f830
READ of size 4 at 0x603000000040 thread T0
#0 0x560d7ee21afc in tsort_main coreutils/tsort.c:179
(found be KLEE)
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list