You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Program received signal SIGSEGV, Segmentation fault.
0x000000000043f8d0 in strcmp ()
(gdb) bt
#0 0x000000000043f8d0 in strcmp () #1 0x00007ffff6e12353 in __cxxabiv1::__vmi_class_type_info::__do_dyncast(long, __cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info::__dyncast_result&) const () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 #2 0x00007ffff6e0f312 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 #3 0x00007ffff75285cd in Sass::CastSass::List (ptr=0x7ffff7af6f60 )
at ast_fwd_decl.cpp:22 #4 0x00007ffff72ba31a in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:454 #5 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #6 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #7 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #8 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #9 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #10 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #11 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #12 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455 #13 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
Credits:
This vulnerability is detected by team OWL337, with our custom fuzzer collAFL. Please contact ganshuitao@gmail.com and chaoz@tsinghua.edu.cn if you need more info about the team, the tool or the vulnerability.
The text was updated successfully, but these errors were encountered:
Stack-Overflow in libsass library
Version : master
Reproduce:
$./sassc poc15
poc download here:
https://github.com/lcytxw/libsass-collAfl/blob/master/poc15
ASAN debugging information:
Program received signal SIGSEGV, Segmentation fault.
0x000000000043f8d0 in strcmp ()
(gdb) bt
#0 0x000000000043f8d0 in strcmp ()
#1 0x00007ffff6e12353 in __cxxabiv1::__vmi_class_type_info::__do_dyncast(long, __cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info::__dyncast_result&) const () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#2 0x00007ffff6e0f312 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3 0x00007ffff75285cd in Sass::CastSass::List (ptr=0x7ffff7af6f60 )
at ast_fwd_decl.cpp:22
#4 0x00007ffff72ba31a in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:454
#5 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#6 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#7 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#8 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#9 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#10 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#11 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#12 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
#13 0x00007ffff72ba414 in Sass::Selector_List::operator== (this=0x611000051300, rhs=...) at ast.cpp:455
Credits:
This vulnerability is detected by team OWL337, with our custom fuzzer collAFL. Please contact ganshuitao@gmail.com and chaoz@tsinghua.edu.cn if you need more info about the team, the tool or the vulnerability.
The text was updated successfully, but these errors were encountered: