The parser may crash instead of returning an error #875

Open
dzamlo opened this issue Oct 14, 2024 · 0 comments
Labels
type: bug Something isn't working

dzamlo commented Oct 14, 2024

With the input `{222222222232222}{}` the function `defmt_parser::parse(input, defmt_parser::ParserMode::ForwardsCompatible)` crashes with the message "memory allocation of 3555555555715568 bytes failed" instead of returning an error.

I believe this is an issue and an error should be returned instead of crashing on untrusted input.

I found that using fuzzing. You can find the fuzzing code at https://github.com/dzamlo/defmt/tree/fuzz. The commands used to run the fuzzing are `cargo afl build` followed by `cargo afl fuzz -i in -o out ../target/debug/parser-fuzz-target`. The tutorial for the fuzzer I used is available at https://rust-fuzz.github.io/book/afl/tutorial.html.

@Urhengulas Urhengulas added the type: bug Something isn't working label Oct 15, 2024
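
The size in the reported message equals (222222222232222 + 1) × 16 bytes, which is what a table holding one 16-byte slot per argument index would request. The following is an added example, not defmt's code and not part of the report: a toy placeholder parser showing that failure class and a bound check that turns it into an error. The parser, the `MAX_ARGS` cap and the 16-byte slot size are assumptions made for illustration.

```rust
use std::mem::size_of;

/// Hypothetical cap on argument indices (not a defmt constant).
const MAX_ARGS: usize = 256;

#[derive(Debug, PartialEq)]
enum ParseError {
    Unterminated,
    BadIndex,
    IndexTooLarge(usize),
}

/// Bytes requested by a table with one 16-byte slot per index up to `max_index`.
fn table_bytes(max_index: usize) -> Option<usize> {
    max_index.checked_add(1)?.checked_mul(size_of::<u128>())
}

/// Toy parser for `{}` / `{N}` placeholders: returns which argument slots are used.
/// Every index is checked against MAX_ARGS before anything is sized by it.
fn used_slots(input: &str) -> Result<Vec<bool>, ParseError> {
    let mut indices = Vec::new();
    let mut next_implicit = 0usize;
    let mut rest = input;
    while let Some(open) = rest.find('{') {
        let after = &rest[open + 1..];
        let close = after.find('}').ok_or(ParseError::Unterminated)?;
        let idx = match &after[..close] {
            "" => { next_implicit += 1; next_implicit - 1 }
            digits => digits.parse::<usize>().map_err(|_| ParseError::BadIndex)?,
        };
        if idx >= MAX_ARGS {
            return Err(ParseError::IndexTooLarge(idx)); // reject, never allocate
        }
        indices.push(idx);
        rest = &after[close + 1..];
    }
    // Safe: the table is at most MAX_ARGS entries long.
    let mut used = vec![false; indices.iter().max().map_or(0, |m| m + 1)];
    for i in indices { used[i] = true; }
    Ok(used)
}

fn main() {
    // Input from the report; table_bytes shows what an unchecked table would ask for.
    println!("{:?}", table_bytes(222222222232222));
    println!("{:?}", used_slots("{222222222232222}{}"));
    println!("{:?}", used_slots("{1}{}"));
}
```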