Thanks for the report.
Thanks to Simon for verifying that these are all associated with the
command-line shell only and not with the SQLite core.
Note to Ryan: Please make sure your fuzzer is running inside a
sandbox, in case the fuzzer discovers pernicious dot-commands like
".sy rm -rf ~"
On
On 24 Jun 2017, at 2:29am, Ryan Whitworth wrote:
> GDB backtrace details and input files can be found here:
> https://github.com/rwhitworth/sqlite-fuzz/tree/master/2017-06-23-sqlite3.
For those interested, all the faults found seem to concern dot commands. Here
is an example command which wa
Hello all,
I was using American Fuzzy Lop (afl-fuzz) to fuzz test stdin to the sqlite3
interactive shell. AFL found a few inputs that cause segmentation faults
(mostly due to failed assertions, I think?). Is this sort of thing worth
investigating further or a non-issue?
GDB backtrace details an
3 matches
Mail list logo
