pablo-lamtenzan / miniShell

Implementing (most of) Bash from scratch, supports term-caps, expansion, job control and conditionals.

Heap buffer-overflow in get_elem_size #33

Closed ClemaX closed 3 years ago

ClemaX commented 3 years ago

The failing command is:

pos = g_term.caps.cursor.real;

Apparently everything with a ; crashes

trace:

==27209==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000001fb0 at pc 0x00010a50e606 bp 0x7ffee571b200 sp 0x7ffee571b1f8
READ of size 1 at 0x603000001fb0 thread T0
    #0 0x10a50e605 in get_elem_size (bonus:x86_64+0x10002a605)
    #1 0x10a50ecdb in copy_inter_seps (bonus:x86_64+0x10002acdb)
    #2 0x10a50eea0 in split_separators (bonus:x86_64+0x10002aea0)
    #3 0x10a522caf in exec (bonus:x86_64+0x10003ecaf)
    #4 0x10a523b0c in routine (bonus:x86_64+0x10003fb0c)
    #5 0x10a523663 in main (bonus:x86_64+0x10003f663)
    #6 0x7fff67f297fc in start (libdyld.dylib:x86_64+0x1a7fc)

ClemaX commented 3 years ago

Apparently this has been fixed.