In article ,
enh wrote:
>this was found by fuzzing the LLVM __cxa_demangle on an ld128 Android
>system using hwasan, but it turns out no to simply be a buffer
>overflow --- the results are just wrong. (which shows how much anyone
>uses ld128 in conjunction with %a!)
Thanks a lot for the heads up
this was found by fuzzing the LLVM __cxa_demangle on an ld128 Android
system using hwasan, but it turns out no to simply be a buffer
overflow --- the results are just wrong. (which shows how much anyone
uses ld128 in conjunction with %a!)
this was the minimized test case:
free(__cxa_demangle("1\0
