More crashes found via fuzzing #239

Closed
leonklingele opened this issue Feb 8, 2019 · 1 comment

@leonklingele

More strings were found that crash toml.Decode.

Steps to reproduce

$ cd $(mktemp -d)
$ git clone https://github.com/leonklingele/fuzzing-BurntSushi-toml
$ cd fuzzing-BurntSushi-toml
$ # The crashing strings can be found in ./workdir/crashers/
$ # A lot are probably duplicates triggering the same panic – I've not filtered them.
$ # Test all strings against the github.com/BurntSushi/toml library found in GOPATH
$ ./runall.sh

Related: #114, #155

@arp242 arp242 added the bug label Jun 9, 2021
arp242 added a commit that referenced this issue Jun 10, 2021
Previously this:

	x = """
	Hello\\
	uehm
	"""

Would get interpreted as:

	"Hello \uehm"

Quite a few (though not all) of the fuzzing failures in #239 are due to
this.

Fixes #237
arp242 added a commit that referenced this issue Jun 10, 2021
Previously this:

	x = """
	Hello \\
	uehm
	"""

Would get interpreted as:

	Hello \uehm

But that's not correct as that "\" is escaped, and it should be:

	Hello \
	uehm

Quite a few (though not all) of the fuzzing failures in #239 are due to
this because it tried to parse "\u.." or something else as an escape
code.

Also fixes #237
arp242 added a commit that referenced this issue Jun 13, 2021
…ntrol characters

This changed in TOML 0.5:

	Allow accidental whitespace between backslash and newline in the
	line continuation operator in multi-line basic strings

In general it deals with CRLF inside """ strings better: it all gets
normalized to LF.

This also fixes the last of the crashes in #239; """\\r""" would panic.
Control characters aren't allowed in strings anyway, so error out on
that too.
@arp242
Collaborator

arp242 commented Jun 13, 2021

All of these are now fixed.

I also added a fuzz_test.go for the new Go 1.17 fuzzer beta in #289; I haven't run it very long yet, but it makes it easier to run fuzz tests if people want it by just using go test -fuzz. I'll let it run for a bit before the next release to see what falls out.

@arp242 arp242 closed this as completed Jun 13, 2021
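
The escaped-backslash and line-continuation handling that the commit messages above describe, as an added Go example that is not part of this thread or of the library's code. `unescapeMultiline` and the `escapes` table are hypothetical names, the input in `main` is constructed, and only the five escapes in the table are assumed to be valid (anything else, including `\u`, returns an error).

```go
package main

import (
	"fmt"
	"strings"
)

// Escapes this sketch accepts (assumption); \uXXXX and others are rejected.
var escapes = map[byte]byte{'\\': '\\', '"': '"', 'n': '\n', 't': '\t', 'r': '\r'}

// unescapeMultiline is a hypothetical helper, not BurntSushi/toml code.
func unescapeMultiline(body string) (string, error) {
	s := strings.ReplaceAll(body, "\r\n", "\n") // normalize CRLF to LF
	var out strings.Builder
	for i := 0; i < len(s); i++ {
		c := s[i]
		if (c < 0x20 && c != '\n' && c != '\t') || c == 0x7f {
			return "", fmt.Errorf("control character 0x%02x not allowed", c)
		}
		if c != '\\' {
			out.WriteByte(c)
			continue
		}
		// Line continuation: backslash, optional spaces/tabs, then a newline.
		j := i + 1
		for j < len(s) && (s[j] == ' ' || s[j] == '\t') {
			j++
		}
		if j < len(s) && s[j] == '\n' {
			for j < len(s) && strings.IndexByte(" \t\n", s[j]) >= 0 {
				j++
			}
			i = j - 1 // resume at the next non-whitespace character
			continue
		}
		i++ // take backslash + next byte as one unit, so `\\` is never re-read
		if i >= len(s) || escapes[s[i]] == 0 {
			return "", fmt.Errorf("invalid or truncated escape at offset %d", i-1)
		}
		out.WriteByte(escapes[s[i]])
	}
	return out.String(), nil
}

func main() {
	// Constructed input: the document from the commit message above.
	out, err := unescapeMultiline("Hello \\\\\nuehm\n")
	fmt.Printf("%q %v\n", out, err)
}
```

Every malformed input takes an error return rather than an out-of-range index, which is the property the fuzzing in this issue was checking.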