From: Eduardo Bustamante
Date: Mon, 15 May 2017 16:30:52 -0500
Subject: Zsh parser segmentation fault in strcatsub
To: zsh-workers@zsh.org
Cc: Eduardo A. Bustamante López
List-Id: Zsh Workers List
X-Seq: 41107

dualbus@debian:~/bash-fuzzing/zsh-parser$ base64 strcatsub
JCQwMDAwJHsoZTB6KV5ZLTAwMCR7KHopXlktMDA+AAoKCgp7MDAwMDAwfTB9MAowMH0keyUwMDAw
MDAwMDAwADAwMDAwMDAwMDAwMDAwADAwMDAwMDAwMDAwMDAwMDCKMDAwMDAwljAwlTAwMDCWlo0w
MDAwMDAwJHsoZnpmTGwwMjAwb05OgD8+JjmioqKioqIvL6KAPzBCMG1wcjAyMDAloo6iopeiT40p
M29OMGlPMCljMDAwJTAwMDAwMDAwMDAwMH2hMACHMDAwMDAwljAwh4cwMDAwMDAAMDAwMDAwMJYw
MId9MDA=

Core was generated by `/home/dualbus/src/zsh/zsh/Src/zsh -nv strcatsub'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  __strcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:235
235 ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S: No such file or directory.
(gdb) bt
#0  __strcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:235
#1  0x00000000004c12ab in strcatsub (d=0x7fff6a5f47b8, pb=0x7fa742ad6bed "0\203\266\203\266\203\255\060\060\060\060\060\060\060\205\217\210fzfLl020000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\066\071\060\060\060\060\060\060\205\217%0000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\205\217\210fzfLl0200000"..., pe=0x7fa742ad6c38 "0\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\066\071\060\060\060\060\060\060\205\217%0000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\205\217\210fzfLl020000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\066\071\060\060\060"..., src=0x7fa742ac7128 "69000000\205\217%0000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\205\217\210fzfLl020000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\066\071\060\060\060\060\060\060\205\217%0000000000\203 000000"..., l=224, s=0x7fa742ad6c93 "\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\205\217\210fzfLl020000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\066\071\060\060\060\060\060\060\205\217%0000000000\203 ", '0' , "\203 ", '0' , "\203\252\060\060\060\060\060\060\203\266\060\060\203\265\060\060\060\060\203\266\203\266\203\255\060\060\060\060\060\060\060\205\217\210fzfLl02"..., glbsub=0, copied=1) at subst.c:738
#2  0x00000000004bf1ad in paramsubst (l=0x7fff6a5f53b0, n=0x7fff6a5f5398, str=0x7fff6a5f4d70, qt=0, pf_flags=4, ret_flags=0x7fff6a5f534c) at subst.c:4031
#3  0x00000000004b5083 in stringsubst (list=0x7fff6a5f53b0, node=0x7fff6a5f5398, pf_flags=4, ret_flags=0x7fff6a5f534c, asssub=0) at subst.c:247
#4  0x00000000004b4435 in prefork (list=0x7fff6a5f53b0, flags=4, ret_flags=0x7fff6a5f534c) at subst.c:85
#5  0x00000000004b5abc in singsub (s=0x7fff6a5f5c08) at subst.c:430
#6  0x00000000004bb85b in paramsubst (l=0x7fff6a5f6390, n=0x7fa742ad6cc8, str=0x7fff6a5f5d40, qt=0, pf_flags=0, ret_flags=0x7fff6a5f631c) at subst.c:3011
#7  0x00000000004b5083 in stringsubst (list=0x7fff6a5f6390, node=0x7fa742ad6cc8, pf_flags=0, ret_flags=0x7fff6a5f631c, asssub=0) at subst.c:247
#8  0x00000000004b4435 in prefork (list=0x7fff6a5f6390, flags=0, ret_flags=0x7fff6a5f631c) at subst.c:85
#9  0x0000000000440df5 in execcmd_getargs (preargs=0x7fa742ad37c8, args=0x7fa742ad3688, expand=1) at exec.c:2659
#10 0x000000000043c1eb in execcmd_exec (state=0x7fff6a5f8230, eparams=0x7fff6a5f70f0, input=0, output=0, how=18, last1=2) at exec.c:2765
#11 0x000000000043b804 in execpline2 (state=0x7fff6a5f8230, pcode=131, how=18, input=0, output=0, last1=0) at exec.c:1873
#12 0x0000000000433f6e in execpline (state=0x7fff6a5f8230, slcode=3074, how=18, last1=0) at exec.c:1602
#13 0x0000000000432dfe in execlist (state=0x7fff6a5f8230, dont_change_job=0, exiting=0) at exec.c:1360
---Type <return> to continue, or q <return> to quit---
#14 0x000000000043277e in execode (p=0x7fa742ad3528, dont_change_job=0, exiting=0, context=0x4d9274 "toplevel") at exec.c:1141
#15 0x000000000045e366 in loop (toplevel=1, justonce=0) at init.c:208
#16 0x0000000000462846 in zsh_main (argc=3, argv=0x7fff6a5f8858) at init.c:1692
#17 0x0000000000411a32 in main (argc=3, argv=0x7fff6a5f8858) at ./main.c:93

[Attachment: strcatsub (application/octet-stream)]