This repository has been archived by the owner on Mar 25, 2024. It is now read-only.

Some bugs found while fuzzing #49

Closed
killercup opened this issue Mar 14, 2017 · 3 comments
@killercup
Contributor

I've been giving libfuzzer a try and added a target for serde-yaml (see rust-fuzz/targets#46).

After a few million runs, it found a few things: https://gist.github.com/killercup/c6c2d4bddd9bb9eadacff3324828fc28

  • thread '<unnamed>' panicked at 'Out of bounds access'
  • stack overflows

(Sadly, I forgot to enable RUST_BACKTRACE…)
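As an added example (not serde-yaml's code, and not the fix that shipped in 0.8.4, which this thread does not describe): a recursive parser for a constructed YAML-like flow-sequence grammar that enforces a nesting limit, so that deeply nested input of the kind a fuzzer produces is rejected with an error instead of exhausting the stack. `Node`, `ParseError`, `MAX_DEPTH` and the grammar are all assumptions made for this example.

```rust
// Added example, not serde-yaml's parser. Grammar (simplified, constructed):
//   node := '[' (node (',' node)*)? ']' | scalar
// Each '[' costs one stack frame, so depth is bounded before recursing.

#[derive(Debug, PartialEq)]
pub enum Node {
    Scalar(String),
    Seq(Vec<Node>),
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    TooDeep(usize),      // nesting exceeded MAX_DEPTH (assumed limit)
    Unexpected(usize),   // byte offset of an unexpected character
    UnterminatedSeq,     // input ended inside a sequence
}

pub const MAX_DEPTH: usize = 64; // assumed limit; tune per deployment

pub fn parse(input: &str) -> Result<Node, ParseError> {
    let b = input.as_bytes();
    let mut pos = 0;
    let node = parse_node(b, &mut pos, 0)?;
    skip_ws(b, &mut pos);
    if pos != b.len() { return Err(ParseError::Unexpected(pos)); }
    Ok(node)
}

fn skip_ws(b: &[u8], pos: &mut usize) {
    while *pos < b.len() && b[*pos].is_ascii_whitespace() { *pos += 1; }
}

fn parse_node(b: &[u8], pos: &mut usize, depth: usize) -> Result<Node, ParseError> {
    skip_ws(b, pos);
    if b.get(*pos) == Some(&b'[') {
        // Check the bound *before* the recursive call that would add a frame.
        if depth >= MAX_DEPTH { return Err(ParseError::TooDeep(depth)); }
        *pos += 1;
        let mut items = Vec::new();
        loop {
            skip_ws(b, pos);
            match b.get(*pos).copied() {
                None => return Err(ParseError::UnterminatedSeq),
                Some(b']') => { *pos += 1; return Ok(Node::Seq(items)); }
                Some(b',') => *pos += 1,
                Some(_) => items.push(parse_node(b, pos, depth + 1)?),
            }
        }
    }
    // Scalar: a run of bytes up to whitespace or a flow delimiter.
    let start = *pos;
    while *pos < b.len() && !matches!(b[*pos], b'[' | b']' | b',') && !b[*pos].is_ascii_whitespace() { *pos += 1; }
    if start == *pos { return Err(ParseError::Unexpected(*pos)); }
    Ok(Node::Scalar(String::from_utf8_lossy(&b[start..*pos]).into_owned()))
}
```

With the limit in place, an input of 100,000 opening brackets returns `Err(TooDeep(64))` after 64 frames rather than crashing the process.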

@dtolnay dtolnay added the bug label Mar 14, 2017
@killercup
Contributor Author

Just saw fuzzing works on macOS now as well, and while testing I found a stack overflow ("AddressSanitizer: stack-overflow on address"): https://gist.github.com/killercup/6c20ed12f659989587f2dffc2193cfa0. This may be a bug in ASAN on Mac, though; I haven't investigated any further.

@killercup
Contributor Author

Similar, but different stack overflow: https://gist.github.com/killercup/de51bc2cdf2a3a1b82f0e4ef650aa74d

@dtolnay
Owner

dtolnay commented Sep 15, 2018

Thanks! All of these have been fixed as of 0.8.4.

@dtolnay dtolnay closed this as completed Sep 15, 2018
Repository owner deleted a comment from radix May 10, 2020
Repository owner locked and limited conversation to collaborators May 10, 2020