Stack-overflow testsuite used for fuzzing experiment
Seeds and POCs are in the folder
If you cannot reproduce the bug, try to reduce the memory limit. For example, run

ulimit -a

to see the current limits. ulimit is a shell builtin, so run it in the same shell that will launch the target; sudo is not needed to lower a limit and `sudo ulimit` does not work, because sudo cannot run a builtin. Then run

ulimit -s 8192

or

ulimit -s 4096

to reduce the stack size, and

ulimit -m 36700160

to reduce the memory size.
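The following helper is an added example, not part of the testsuite: it runs a reproducer in a subshell with a reduced stack limit (so the calling shell keeps its own limits), saves stderr where ASAN writes its report, and prints a one-word verdict. The function names and the sample ASAN line used in the demo are constructed for this example.

```shell
#!/bin/sh
# Added example (not part of the testsuite): reproduce a POC under a reduced
# stack limit and classify the outcome. Function names are hypothetical.

# died_by_signal <status>
# Succeeds when the exit status encodes death by signal (128 + signo), which is
# how plain stack exhaustion (SIGSEGV, status 139) shows up without ASAN.
died_by_signal() {
    [ "$1" -gt 128 ]
}

# classify_asan <logfile>
# Prints stack-overflow, other-asan or clean depending on the ASAN report.
classify_asan() {
    if grep -q 'ERROR: AddressSanitizer: stack-overflow' "$1"; then
        echo stack-overflow
    elif grep -q 'ERROR: AddressSanitizer:' "$1"; then
        echo other-asan
    else
        echo clean
    fi
}

# reproduce <stack_kb> <logfile> <cmd...>
# Runs <cmd...> in a subshell whose soft stack limit is <stack_kb> KiB, keeps
# stderr in <logfile>, and prints: stack-overflow, other-asan, signal-N or clean.
# The "&& status=0 || status=$?" form keeps a failing target from aborting a
# caller that runs with set -e.
reproduce() {
    stack_kb=$1
    logfile=$2
    shift 2
    ( ulimit -s "$stack_kb" && "$@" ) >/dev/null 2>"$logfile" && status=0 || status=$?
    verdict=$(classify_asan "$logfile")
    if [ "$verdict" = clean ] && died_by_signal "$status"; then
        verdict=signal-$((status - 128))
    fi
    echo "$verdict"
}

# Demo on constructed input: a fake ASAN report stands in for the stderr of a
# real run such as "reproduce 4096 run.log ./mjs.out poc.js".
demo() {
    tmp=$(mktemp)
    printf '==4242==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc00000ff8\n' >"$tmp"
    classify_asan "$tmp"
    rm -f "$tmp"
}
```

A real invocation looks like `reproduce 4096 nasm.log nasm -f bin poc.asm -o ./tmp`; the verdict tells you whether the crash is the ASAN-reported stack-overflow the entry describes, some other sanitizer error, or a raw signal from a build without ASAN.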
The detailed information of the benchmark is as follows. In the Reproduce commands, @@ stands for the path of the input file (a seed or POC), following the AFL convention.
1. cxxfilt 2.31
- Bug type: stack-overflow
- CVE ID:
- Download:
- Reproduce:
c++filt -t < @@
2. nm 2.31
- Bug type: stack-overflow
- CVE ID:
- Download:
- Reproduce:
nm -C @@
3. nasm
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone git://repo.or.cz/nasm.git
cd nasm
git checkout 81f98fe79be23174e2d6ddd9f17a5cfb9ca71ec7
- Reproduce:
nasm -f bin @@ -o ./tmp
4. mjs 1.20.1
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone https://github.com/cesanta/mjs.git
cd mjs
git checkout 2827bd00b59bdc176a010b22fc4acde9b580d6c2
- Install:
clang mjs.c -DMJS_MAIN -fsanitize=address -g -o mjs.out -ldl
- Reproduce:
./mjs.out @@
- ASAN dumps the backtrace:
5. Flex 2.6.4
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone https://github.com/westes/flex
cd flex
git checkout 98018e3f58d79e082216d406866942841d4bdf8a
- Reproduce:
flex @@
6. yaml-cpp
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone https://github.com/jbeder/yaml-cpp
cd yaml-cpp
git checkout 562aefc114938e388457e6a531ed7b54d9dc1b62
- Reproduce:
parse @@
7. Yara 3.5.0
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone https://github.com/VirusTotal/yara
cd yara
git checkout 012269756149ae99745b6dafefd415843d7420bb
- Reproduce:
yara @@ strings
8. libsass
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone https://github.com/sass/libsass
cd libsass
git checkout 45f50873962b7d1c66bd115ba6e644bdaaf6cac1
- Reproduce:
tester @@
9. libming
- Bug type: stack-overflow
- CVE ID:
- Download:
git clone https://github.com/libming/libming
cd libming
git checkout b72cc2fda0e8b3792b7b3f7361fc3f917f269433
- Reproduce:
listswf @@