All crashes are due to a nil dereference in line 137 of execute.c.
Shortest test case to date:
$ printf '1L1\n+11\n' | bc
(standard_in) 1: illegal character: L
(standard_in) 1: syntax error
Segmentation fault (core dumped)
$ gdb ./bc ./core
[...]
Program terminated with signal SIGSEGV, Segmen
Package: debian-policy
Severity: important
Tags: patch
Dear Maintainer,
The existing policy does not specify that the RPATH or RUNPATH (if
present) should not contain relative paths or paths that traverse
dangerous (eg world writable) directories. There is some discussion
of this on the OSS-secur
On Sat, 2014-12-20 at 02:10 -0200, Henrique de Moraes Holschuh wrote:
> IMHO, the suggested wording does get the point across that whomever wants to
> use RPATH/RUNPATH must be prepared to defend its use with strong technical
> reasons.
Exactly. Without it I was concerned this would tacitly condo
Package: bc
Version: 1.06.95-8ubuntu1
Severity: normal
Dear Maintainer,
Fuzzed crashes using afl (not likely to cross a trust boundary so
not reporting as a security bug). Test cases attached/below.
begin 660 crash.tgz
M'XL(`(0&>50``^V:38^30!C'.7@P1+^`)[)&+J`[#\,PE)N;/>[!3]"$=*VM
MUK26=4\F^D&]^
4 matches
Mail list logo
