From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/7223
Path: news.gmane.org!not-for-mail
From: Rich Felker <dalias@libc.org>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: buffer overflow in regcomp and a way to find more of those
Date: Fri, 20 Mar 2015 18:32:11 -0400
Message-ID: <20150320223211.GP23507@brightrain.aerifal.cx>
References: <CAGQ9bdxBDFu+7cnBFxk_toa_C0qwVCgLG=Jc7zMs8cVB8y+UFA@mail.gmail.com>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1426890754 15162 80.91.229.3 (20 Mar 2015 22:32:34 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Fri, 20 Mar 2015 22:32:34 +0000 (UTC)
To: musl@lists.openwall.com
Original-X-From: musl-return-7236-gllmg-musl=m.gmane.org@lists.openwall.com Fri Mar 20 23:32:30 2015
Return-path: <musl-return-7236-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-7236-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1YZ5Sr-00026z-IC
	for gllmg-musl@m.gmane.org; Fri, 20 Mar 2015 23:32:25 +0100
Original-Received: (qmail 32332 invoked by uid 550); 20 Mar 2015 22:32:23 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 32311 invoked from network); 20 Mar 2015 22:32:23 -0000
Content-Disposition: inline
In-Reply-To: <CAGQ9bdxBDFu+7cnBFxk_toa_C0qwVCgLG=Jc7zMs8cVB8y+UFA@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Original-Sender: Rich Felker <dalias@aerifal.cx>
Xref: news.gmane.org gmane.linux.lib.musl.general:7223
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/7223>

On Fri, Mar 20, 2015 at 01:17:47PM -0700, Konstantin Serebryany wrote:
> Hi,
> 
> Following the discussion at the glibc mailing list
> (https://sourceware.org/ml/libc-alpha/2015-03/msg00662.html)
> I've tried to fuzz musl regcomp and the first bug popped up quickly.
> Please let me know if you would be interested in adding the fuzzer
> (http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/README.txt?view=markup)
> to the musl testing process.

Thanks! It's fixed in commit 39dfd58417ef642307d90306e1c7e50aaec5a35c.

Rich