Re: if you use ptx, please let us know [Re: ptx bug (invalid read)

2008-07-16 Thread Cristian Cadar
tails). Best, Cristian On Wed, 2008-07-16 at 12:47 +0200, Jim Meyering wrote: > Cristian Cadar <[EMAIL PROTECTED]> wrote: > >Hello, I found an older bug report generated by our tool for ptx, > > which I forgot to report. The bug is still present in the current > >

ptx bug (invalid read)

2008-07-14 Thread Cristian Cadar
Hello, I found an older bug report generated by our tool for ptx, which I forgot to report. The bug is still present in the current version of Coreutils (6.12). I did not have time to investigate the root cause of the bug, but I'm including a very simple test case and the output reported by v

pr buffer overflow

2008-04-17 Thread Cristian Cadar
Hi Jim, we found a buffer overflow in pr, due to the invalid processing of backspaces and tabs. Here is a simple input that our tool generated: pr --e pr-bug.txt Another input, that crashes in glibc on my machine is: pr -e pr-bug-crash.txt Both pr-bug.txt and pr-bug-crash.txt are

md5 buffer underflow

2008-04-14 Thread Cristian Cadar
Hello Jim, Thanks again for the prompt confirmation of our previous bug reports. We found a new bug in md5sum, due to a buffer underflow. Here is an example that seg faults on my machine: $ md5sum -c -- md5sum_bug.txt Segmentation fault The file md5sum_bug.txt is attached to this

paste -d\\ crash bug

2008-03-26 Thread Cristian Cadar
Hi Jim, We found a crash bug in paste, due to an unbounded buffer overflow. The bug is similar to the ptx bug that we reported earlier, and is due to a lone backslash following the -d flag. Here is an input that crashes libc on my machine: $ paste -d\\

Re: ptx bug -- unbounded buffer overflow

2008-03-21 Thread Cristian Cadar
ur release deadline. Best, Cristian On Fri, 2008-03-21 at 11:11 +0100, Jim Meyering wrote: > Cristian Cadar <[EMAIL PROTECTED]> wrote: > > Hello, I'm part of a research group at Stanford, working on automatic > > bug-finding tools. We are currently testing coreutils, and

ptx bug -- unbounded buffer overflow

2008-03-20 Thread Cristian Cadar
" past the end of the buffer. This in turn causes an unbounded overflow of the buffer malloc-ed at the very beginning of the function, which in turn can be used to corrupt the heap metadata and crash the program. We would appreciate your confirmation of the bug.