Package: procmail
Version: 3.22-22
Tags: security
Usertags: afl

The attached tarball contains 3 test cases that crash formail:

$ formail < test1
*** Error in `formail': malloc(): memory corruption: 0x0933c018 ***
Aborted

$ formail < test2
*** Error in `formail': free(): invalid next size (fast): 0x08a321b0 ***
Aborted

$ formail < test3
formail: malloc.c:2372: sysmalloc: Assertion `(old_top == (((mbinptr) (((char *) &((av)->bins[((1) - 1) * 2])) - 
__builtin_offsetof (struct malloc_chunk, fd)))) && old_size == 0) || ((unsigned long) (old_size) >= (unsigned 
long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+((2 *(sizeof(size_t))) - 1)) & ~((2 *(sizeof(size_t))) - 
1))) && ((old_top)->size & 0x1) && ((unsigned long) old_end & pagemask) == 0)' failed.
Aborted


This bug was brought to you by American fuzzy lop:
http://lcamtuf.coredump.cx/afl/

-- System Information:
Debian Release: jessie/sid
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages procmail depends on:
ii  libc6  2.19-13

Versions of packages procmail recommends:
ii  esmtp-run [mail-transport-agent]  1.2-12
ii  fetchmail                         6.3.26-1+b1

--
Jakub Wilk

Attachment: procmail-test.tar.gz
Description: application/gzip
