You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Program received signal SIGSEGV, Segmentation fault.
0x000000000043f8d0 in strcmp ()
(gdb) bt
#0 0x000000000043f8d0 in strcmp () #1 0x00007ffff72f03d4 in std::type_info::operator== (__arg=..., this=)
at /usr/bin/../lib/gcc/x86_64-linux-gnu/5.2.1/../../../../include/c++/5.2.1/typeinfo:124 #2 Sass::CastSass::Parent_Selector (ptr=) at ./ast.hpp:145 #3 Sass::Complex_Selector::resolve_parent_refs (this=, pstack=..., implicit_parent=true)
at ast.cpp:1295 #4 0x00007ffff72f0041 in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1288 #5 0x00007ffff72f0041 in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1288 #6 0x00007ffff72ef2f9 in Sass::Selector_List::resolve_parent_refs (this=, pstack=...,
implicit_parent=) at ast.cpp:1268 #7 0x00007ffff72f0bab in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1409 #8 0x00007ffff72ef2f9 in Sass::Selector_List::resolve_parent_refs (this=, pstack=...,
implicit_parent=) at ast.cpp:1268 #9 0x00007ffff72f0bab in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1409
...
Credits:
This vulnerability is detected by team OWL337, with our custom fuzzer collAFL. Please contact [email protected] and [email protected] if you need more info about the team, the tool or the vulnerability.
The text was updated successfully, but these errors were encountered:
Stack-Overflow in libsass library
Version : master
Reproduce:
$./sassc poc10
poc download here:
https:/lcytxw/libsass-collAfl/blob/master/poc10
ASAN debugging information:
Program received signal SIGSEGV, Segmentation fault.
0x000000000043f8d0 in strcmp ()
(gdb) bt
#0 0x000000000043f8d0 in strcmp ()
#1 0x00007ffff72f03d4 in std::type_info::operator== (__arg=..., this=)
at /usr/bin/../lib/gcc/x86_64-linux-gnu/5.2.1/../../../../include/c++/5.2.1/typeinfo:124
#2 Sass::CastSass::Parent_Selector (ptr=) at ./ast.hpp:145
#3 Sass::Complex_Selector::resolve_parent_refs (this=, pstack=..., implicit_parent=true)
at ast.cpp:1295
#4 0x00007ffff72f0041 in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1288
#5 0x00007ffff72f0041 in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1288
#6 0x00007ffff72ef2f9 in Sass::Selector_List::resolve_parent_refs (this=, pstack=...,
implicit_parent=) at ast.cpp:1268
#7 0x00007ffff72f0bab in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1409
#8 0x00007ffff72ef2f9 in Sass::Selector_List::resolve_parent_refs (this=, pstack=...,
implicit_parent=) at ast.cpp:1268
#9 0x00007ffff72f0bab in Sass::Complex_Selector::resolve_parent_refs (this=, pstack=...,
implicit_parent=true) at ast.cpp:1409
...
Credits:
This vulnerability is detected by team OWL337, with our custom fuzzer collAFL. Please contact [email protected] and [email protected] if you need more info about the team, the tool or the vulnerability.
The text was updated successfully, but these errors were encountered: