Open seviezhou opened 4 years ago
Thanks. What is the actual compiled DSP source code?
I put the POC in the attached file, it is something like:
// check removed from the code
process =!(int :>int), float, float(hslider("cos", 0, 0, 10, 1));
It might not be valid, and is produced by random mutation.
Thanks, this is indeed a known problem when language keywords are used in labels.
Out of curiosity: what is this "produced by random mutation" idea or project? Thanks.
It is produced by the fuzzing technique; the most popular tool implementing such a technique is AFL.
Interesting. Do you actually use AFL to test Faust? Or any other fuzzing tool? In any case, assuming this is public, I would be interested to see the code.
I use my own tool, and it is not currently publicly available. But my tool shares similar mutation operations with AFL; you can just read the code of AFL if you are interested in it.
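The exchange above describes the setup only in outline: an AFL-style mutator feeding inputs to a sanitizer-built `faust` through the `@@` file placeholder, and a crash being recognised from AddressSanitizer output. The following harness is an added example written for this page; it is neither the reporter's private tool nor AFL itself, and it only reproduces a subset of AFL's mutation operators (bit flips, 8-bit arithmetic, "interesting" byte values, chunk deletion and cloning). The seed is the Faust snippet from the report, embedded as a constructed input; the function and variable names, the `cases/` directory and the `fuzz_loop` driver are assumptions of this example. The faust command line is the one from the bug report's reproduction section.

```python
"""AFL-style mutation fuzzing harness (added example, not the reporter's tool)."""
import os
import random
import shlex
import subprocess
from typing import Iterator, List

# Constructed seed: the mutated Faust program quoted earlier in the thread.
SEED = b'process = !(int :> int), float, float(hslider("cos", 0, 0, 10, 1));\n'

# The sanitizer-built command line from the report; '@@' is the input-file slot.
CMD_TEMPLATE = "./build/bin/faust -lang ocpp -o /tmp/faust -e -lcc -exp10 -lb -rb -mem -sd @@"

# AFL's "interesting" 8-bit values (larger widths omitted in this example).
INTERESTING_8 = [-128, -1, 0, 1, 16, 32, 64, 100, 127]


def bitflip(data: bytes, bit: int) -> bytes:
    """Flip one bit, MSB first within each byte, like AFL's FLIP_BIT macro."""
    buf = bytearray(data)
    buf[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(buf)


def deterministic(data: bytes) -> Iterator[bytes]:
    """Deterministic stages: every single-bit flip, then +/-1 and interesting bytes."""
    for bit in range(len(data) * 8):
        yield bitflip(data, bit)
    for i in range(len(data)):
        for delta in (1, -1):
            buf = bytearray(data)
            buf[i] = (buf[i] + delta) & 0xFF
            yield bytes(buf)
        for v in INTERESTING_8:
            buf = bytearray(data)
            buf[i] = v & 0xFF
            yield bytes(buf)


def havoc(data: bytes, rng: random.Random, rounds: int = 8) -> bytes:
    """Stacked random mutations, a reduced version of AFL's havoc stage."""
    buf = bytearray(data)
    for _ in range(rounds):
        if not buf:
            buf = bytearray(SEED)  # never let the input collapse to nothing
        op = rng.randrange(5)
        i = rng.randrange(len(buf))
        if op == 0:
            buf[i] ^= 0x80 >> rng.randrange(8)
        elif op == 1:
            buf[i] = rng.choice(INTERESTING_8) & 0xFF
        elif op == 2:
            buf[i] = (buf[i] + rng.randrange(-35, 36)) & 0xFF
        elif op == 3 and len(buf) > 1:
            del buf[i:i + rng.randrange(1, min(16, len(buf) - i) + 1)]
        else:
            chunk = buf[i:i + rng.randrange(1, 16)]
            at = rng.randrange(len(buf) + 1)
            buf[at:at] = chunk
    return bytes(buf)


def expand_cmd(template: str, path: str) -> List[str]:
    """Substitute the '@@' placeholder with the current test-case path."""
    return [path if tok == "@@" else tok for tok in shlex.split(template)]


def classify(returncode: int, stderr: bytes) -> str:
    """Tell a sanitizer-reported crash apart from an ordinary compile error."""
    if b"AddressSanitizer" in stderr or b"UndefinedBehaviorSanitizer" in stderr:
        return "sanitizer"
    if returncode < 0:  # killed by a signal with no sanitizer report
        return "signal"
    return "ok" if returncode == 0 else "error"


def run_case(template: str, path: str, timeout: float = 10.0) -> str:
    """Run the target once on `path` and classify the outcome."""
    try:
        p = subprocess.run(expand_cmd(template, path), capture_output=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return "hang"
    return classify(p.returncode, p.stderr)


def fuzz_loop(template: str = CMD_TEMPLATE, iterations: int = 1000, seed: int = 1) -> int:
    """Write each mutant to cases/, run it, keep the ones that crash; returns crash count."""
    rng = random.Random(seed)
    os.makedirs("cases", exist_ok=True)
    crashes = 0
    for n in range(iterations):
        data = havoc(SEED, rng)
        path = os.path.join("cases", f"in-{n}.dsp")
        with open(path, "wb") as f:
            f.write(data)
        verdict = run_case(template, path)
        if verdict in ("sanitizer", "signal", "hang"):
            crashes += 1
            os.rename(path, os.path.join("cases", f"crash-{verdict}-{n}.dsp"))
        else:
            os.remove(path)
    return crashes


if __name__ == "__main__":
    print("crashes found:", fuzz_loop())
```

Note that `classify` treats a non-zero exit without a sanitizer report as a plain compile error, which is the expected outcome for most mutants of an already-invalid program; only sanitizer output, a signal, or a timeout is kept as a finding, mirroring how the report above distinguishes the SEGV from ordinary rejection of bad input.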
CVE-2021-32275 was assigned to this issue.
System info
Ubuntu x86_64, clang 6.0, faust (latest master c236d2)
Configure
cmake . -DCMAKE_CXX_FLAGS="-fsanitize=address -g" -DCMAKE_C_FLAGS="-fsanitize=address -g" -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address" -DINCLUDE_STATIC=on -DINCLUDE_HTTP=off -DINCLUDE_OSC=off
Command line
./build/bin/faust -lang ocpp -o /tmp/faust -e -lcc -exp10 -lb -rb -mem -sd @@
AddressSanitizer output
POC
SEGV-computeSigOutput-cosprim-49.zip