Skip to content
This repository has been archived by the owner on Mar 25, 2024. It is now read-only.

Some bugs found while fuzzing #49

Closed
killercup opened this issue Mar 14, 2017 · 3 comments
Closed

Some bugs found while fuzzing #49

killercup opened this issue Mar 14, 2017 · 3 comments
Labels
bug

Comments

@killercup
Copy link
Contributor

I've been giving libfuzzer a try and added a target for serde-yaml (see rust-fuzz/targets#46).

After a few million runs, it found a few things: https://gist.github.com/killercup/c6c2d4bddd9bb9eadacff3324828fc28

  • thread '<unnamed>' panicked at 'Out of bounds access'
  • stack overflows

(Sadly, I forgot to enable RUST_BACKTRACE…)
@dtolnay dtolnay added the bug label Mar 14, 2017
@killercup
Copy link
Contributor Author

Just saw fuzzing works on macOS now as well, and while testing I found a stack overflow ("AddressSanitizer: stack-overflow on address"): https://gist.github.com/killercup/6c20ed12f659989587f2dffc2193cfa0. This may be a bug in ASAN on mac, though, I haven't investigated any further.

@killercup
Copy link
Contributor Author

Similar, but different stack overflow: https://gist.github.com/killercup/de51bc2cdf2a3a1b82f0e4ef650aa74d

@dtolnay dtolnay mentioned this issue May 30, 2017
Closed
@dtolnay
Copy link
Owner

dtolnay commented Sep 15, 2018

Thanks! All of these have been fixed as of 0.8.4.

@dtolnay dtolnay closed this as completed Sep 15, 2018
Repository owner deleted a comment from radix May 10, 2020
Repository owner locked and limited conversation to collaborators May 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@killercup @dtolnay