tjtelan / git-url-parse-rs

Parser of git repo urls for Rust
MIT License

normalize_url(url: &str) doesn't check for null bytes, which leads to crashes #16

Closed Nereuxofficial closed 2 years ago

Nereuxofficial commented 3 years ago

I fuzzed this crate using honggfuzz and found 2 crashes, both of which can be fixed by letting the normalize_url function check for null bytes.

You can fuzz the code yourself and further investigate the crashes with this repo.

In the main function there are also two test functions which can be used to easily reproduce the crashes.

The crashing inputs are:

////////ws///////////*,\u{0}\u{0}^\u{0}\u{0}\u{0}\u{0}@2\u{1}\u{0}\u{1d})\u{0}\u{0}\u{0}:\u{0}\u{0}\u{0}

and:

?\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{1f}s\u{3}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{5}\u{1}@\u{0}\u{0}\u{4}!e\u{0}\u{0}2\u{1c}^3106://?<!41\u{0}\u{0}\u{0}?\u{0}\u{0}\u{0}\u{0}\u{4}?

Nereuxofficial commented 3 years ago

So I found a few more crashes, but it should still be fixed by fixing the normalize_url function.

tjtelan commented 3 years ago

I was able to reproduce the crashes with your repo and I'll get around to fixing this soon.

Thanks for the report!
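
The check the report asks for, as an added example that is not code from the crate or from anyone in this thread: a pre-check that refuses input containing a null byte before it reaches a normalizer, plus a wrapper that reports a panic as an error value. `GuardError`, `reject_nul`, `guarded` and `stand_in_normalize` are hypothetical names; the two constants are the crashing inputs quoted in the report.

```rust
use std::panic::{self, UnwindSafe};

// The two crashing inputs quoted in the report, as Rust string literals.
const CRASH_1: &str = "////////ws///////////*,\u{0}\u{0}^\u{0}\u{0}\u{0}\u{0}@2\u{1}\u{0}\u{1d})\u{0}\u{0}\u{0}:\u{0}\u{0}\u{0}";
const CRASH_2: &str = "?\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{1f}s\u{3}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{0}\u{5}\u{1}@\u{0}\u{0}\u{4}!e\u{0}\u{0}2\u{1c}^3106://?<!41\u{0}\u{0}\u{0}?\u{0}\u{0}\u{0}\u{0}\u{4}?";

#[derive(Debug, PartialEq)]
pub enum GuardError {
    /// Input holds U+0000; the value is the byte offset of the first one.
    NulByte(usize),
    /// The wrapped normalizer panicked.
    Panicked,
}

/// Hand the input back unchanged only if it contains no null byte.
pub fn reject_nul(url: &str) -> Result<&str, GuardError> {
    match url.bytes().position(|b| b == 0) {
        Some(offset) => Err(GuardError::NulByte(offset)),
        None => Ok(url),
    }
}

/// Run `normalize` on checked input and report a panic as an error value,
/// so one hostile string cannot take down the calling thread
/// (relies on the default `panic = "unwind"` setting).
pub fn guarded<F>(url: &str, normalize: F) -> Result<String, GuardError>
where
    F: FnOnce(&str) -> String + UnwindSafe,
{
    let checked = reject_nul(url)?;
    panic::catch_unwind(move || normalize(checked)).map_err(|_| GuardError::Panicked)
}

/// Hypothetical stand-in for a URL normalizer (assumption, not the crate's code).
pub fn stand_in_normalize(url: &str) -> String {
    url.trim().to_lowercase()
}

fn main() {
    for input in [CRASH_1, CRASH_2, " HTTPS://Example.com/Repo.git "] {
        println!("{:?} -> {:?}", input, guarded(input, stand_in_normalize));
    }
}
```
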