Various undeclared exceptions with fuzzed input #73
Assignees
Labels
Comments
3breadt
added a commit
that referenced
this issue
Nov 7, 2022
- Too short property list data was not correctly handled - Invalid binary property list headers were not handled - ASCII property lists with multi-line comments that do not end before the file ends caused endless loops and finally an ArrayIndexOutOfBoundsException - Invalid characters in an ASCII property list's NSData object caused NumberFormatExceptions
|
Thank you for these findings. The detected issues have been fixed, i.e. proper exceptions are now thrown. |
|
Thanks for the quick fix. I will continue fuzzing and see if more errors can be found. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I started fuzzing this library with https://github.com/CodeIntelligenceTesting/jazzer after originally fuzzing another library and seeing there some crashed in this projects code.
To reproduce the errors use the
PropertyListParser.parsemethod.The fuzzing treats all non declared exceptions as failure.
One file triggers the exception in
BinaryPropertyListParser.doParse. Since normally no one would catch this exception I included it since changing this to aPropertyListFormatExceptioncould be reasonable.plist-crash.zip
The text was updated successfully, but these errors were encountered: