Open 3iang opened 6 months ago
Do you have a stack trace for the input? I would expect it to be a nested array - the CBOR equivalent to
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[...]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]
I've seen these inputs being generated by OSSFuzz, and there is currently little we can do.
I think you are right and the full stacktrace is similar as this : bt.txt
I've seen these inputs being generated by OSSFuzz, and there is currently little we can do.
Could you elaborate? I would prefer not having a possible stack-overflow here.
Description
poc.json
Reproduction steps
cat poc.json | ./parse_cbor_fuzzer
Expected vs. actual results
Expected no stack overflow.
Minimal code example
No response
Error messages
No response
Compiler and operating system
afl-clang-fast++
Library version
3.11.3
Validation
develop
branch is used.