xi-editor/xi-editor

Some cases may lead to a crash when fuzzing xi-core-lib using afl.rs

StevenJiang1110 opened this issue · 0 comments

I have used afl.rs to fuzz the core-lib crate of xi-editor (version = "0.4.0", the newest version directly cloned from GitHub). I ran the fuzzer on my Ubuntu 18.04, x86-64 machine, and I've found several cases that may lead to a panic.
First is an index out of bounds panic; it can be replayed by

```rust
// Replay 1: index out of bounds when collapsing an empty Selection
fn main() {
    let mut _local0 = xi_core_lib::selection::Selection::new();
    let _ = xi_core_lib::selection::Selection::collapse(&mut _local0);
}
```

The error message is
[screenshot 2020-12-17 9:01:17 PM, image not included]

Second is a slice index panic; it can be replayed by

```rust
// Replay 2: slice index panic when the queried range is reversed (start > end)
fn main() {
    let _local0 = xi_core_lib::selection::SelRegion::new(3472328296227680352, 3472328296227692592);
    let _local1 = xi_core_lib::selection::Selection::new_simple(_local0);
    let _ = xi_core_lib::selection::Selection::regions_in_range(&_local1, 3472328502386110512, 3472328296227680304);
}
```

The error message is
[screenshot 2020-12-17 8:59:47 PM, image not included]

There are also some arithmetic overflow panics. For example

```rust
// Replay 3: arithmetic overflow when requesting lines with very large values
fn main() {
    let mut _local0 = xi_core_lib::line_cache_shadow::RenderPlan::create(3472328296227680304, 3472328296227680304, 3472328296227680304);
    let _ = xi_core_lib::line_cache_shadow::RenderPlan::request_lines(&mut _local0, 3472328296227680304, 85621376445067312);
}
```

The error message is
[screenshot 2020-12-17 8:57:19 PM, image not included]

There are also some other arithmetic overflow panics. I put all the replay files at replay files.
I hope you can check whether these are real bugs that need to be fixed. Thanks a lot.
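The three panic classes in the report (index out of bounds on an empty selection, a slice index with a reversed start/end pair, and integer overflow on fuzzer-sized values), as an added illustration that is not xi-editor's code and does not reproduce its internals. It is a deliberately simplified model: `Region`, `Regions`, and the `line_count_*` functions are assumptions for the example, each shown in the fragile form a fuzzer trips beside a hardened form that returns `Option` instead of panicking.

```rust
// Added example, not xi-editor's code: a minimal model of the three panic
// classes from the report. All type and function names are assumptions.

/// A half-open region [start, end) in a hypothetical buffer.
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Region {
    pub start: u64,
    pub end: u64,
}

/// A sorted list of non-overlapping regions (model of a selection).
#[derive(Debug, Default)]
pub struct Regions {
    regions: Vec<Region>,
}

impl Regions {
    pub fn new() -> Self {
        Regions { regions: Vec::new() }
    }

    pub fn with(r: Region) -> Self {
        Regions { regions: vec![r] }
    }

    /// Fragile: indexing an empty Vec panics with "index out of bounds".
    pub fn first_fragile(&self) -> Region {
        self.regions[0]
    }

    /// Hardened: the empty case is expressed in the return type.
    pub fn first_checked(&self) -> Option<Region> {
        self.regions.first().copied()
    }

    /// Fragile: the caller's (start, end) pair is trusted. When end < start the
    /// computed bounds are reversed (lo > hi) and `&self.regions[lo..hi]` panics
    /// with "slice index starts at .. but ends at ..".
    pub fn in_range_fragile(&self, start: u64, end: u64) -> &[Region] {
        let n = self.regions.len();
        let lo = self.regions.iter().position(|r| r.end >= start).unwrap_or(n);
        let hi = self.regions.iter().position(|r| r.start > end).unwrap_or(n);
        &self.regions[lo..hi]
    }

    /// Hardened: reject a reversed range up front and use `get`, which returns
    /// None for any bound combination instead of panicking.
    pub fn in_range_checked(&self, start: u64, end: u64) -> Option<&[Region]> {
        if start > end {
            return None;
        }
        let n = self.regions.len();
        let lo = self.regions.iter().position(|r| r.end >= start).unwrap_or(n);
        let hi = self.regions.iter().position(|r| r.start > end).unwrap_or(n);
        self.regions.get(lo..hi)
    }
}

/// Fragile: `last - first + 1` panics with "attempt to subtract with overflow"
/// in debug builds when last < first, and silently wraps in release builds.
pub fn line_count_fragile(first: u64, last: u64) -> u64 {
    last - first + 1
}

/// Hardened: checked arithmetic turns both the underflow and the +1 overflow
/// into None, which the caller can treat as an invalid request.
pub fn line_count_checked(first: u64, last: u64) -> Option<u64> {
    last.checked_sub(first)?.checked_add(1)
}

fn main() {
    // Values taken from the replay cases above, fed to the hardened paths.
    let empty = Regions::new();
    println!("first of empty selection: {:?}", empty.first_checked());

    let r = Region { start: 3472328296227680352, end: 3472328296227692592 };
    let sel = Regions::with(r);
    println!(
        "reversed range query: {:?}",
        sel.in_range_checked(3472328502386110512, 3472328296227680304)
    );
    println!(
        "line count for reversed request: {:?}",
        line_count_checked(3472328296227680304, 85621376445067312)
    );
}
```

The fuzzer finds these in a debug build, where overflow checks are on; in a release build the same `line_count_fragile` input would not panic but wrap to a huge line count, which is usually the worse outcome, so the checked form is the right fix regardless of which profile the crash was observed in.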