Hi Hanno,
Hanno Böck wrote:
ed can be crashed with some malformed commands:
echo -e "H\n?\{" | ed
Thank you very much for reporting this.
The bug seems to be a call of free on a nonallocated pointer. The bug
was found with the fuzzing tool american fuzzy lop in ed 1.14.
Yes, it was a stupid overlook. I changed a malloc'd buffer for a static
one and forgot to remove the corresponding 'free'. I'll release a
corrected version shortly.
Best regards,
Antonio.
_______________________________________________
bug-ed mailing list
bug-ed@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-ed
