Hi Hanno, Hanno Böck wrote:
ed can be crashed with some malformed commands: echo -e "H\n?\{" | ed
Thank you very much for reporting this.
The bug seems to be a call of free on a nonallocated pointer. The bug was found with the fuzzing tool american fuzzy lop in ed 1.14.
Yes, it was a stupid overlook. I changed a malloc'd buffer for a static one and forgot to remove the corresponding 'free'. I'll release a corrected version shortly.
Best regards, Antonio. _______________________________________________ bug-ed mailing list bug-ed@gnu.org https://lists.gnu.org/mailman/listinfo/bug-ed