Dear Ruimaciel,
We have found a NULL pointer dereference issue in mjson.
The crash input is automatically generated by our test generation tool FOCAL.
You can find jsonparser.c in the attachment.
Here are the details to reproduce the crash.
- OS & Compiler

Ubuntu Linux 16.04 x64 and GCC 5.4.0

- Build command

```
$ CFLAGS="-fsanitize=address" ./configure && make clean all
$ gcc -fsanitize=address -o jsonparser jsonparser.c -Isrc src/.libs/libmjson.a
```

- Run command

```
$ echo "abc" | ./jsonparser
```

- Outputs
```
Some error occurred: 4
ASAN:SIGSEGV
=================================================================
==28253==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000411ded bp 0x7ffc323e2940 sp 0x7ffc323e2910 T0)
#0 0x411dec (/home/yhkim/json-1.7.0/jsonparser+0x411dec)
#1 0x411f74 (/home/yhkim/json-1.7.0/jsonparser+0x411f74)
#2 0x401294 (/home/yhkim/json-1.7.0/jsonparser+0x401294)
#3 0x7f97ef4a282f (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#4 0x401008 (/home/yhkim/json-1.7.0/jsonparser+0x401008)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 ??
==28253==ABORTING
Aborted
```
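The ASAN report above gives no symbols, but its faulting address alone is enough to triage it: a SEGV on address 0x000000000000 (or anywhere in the first page) is a NULL or near-NULL dereference rather than a wild pointer. The script below is an added triage helper, not part of this report or of mjson; it reads an ASAN report on stdin and prints one classification keyword. The sample report embedded in it is constructed from the lines shown above.

```shell
#!/bin/sh
# Added example: classify an AddressSanitizer report by its faulting address.
# Not part of the bug report or of mjson. Usage: ./jsonparser < input 2>&1 | classify_asan

classify_asan() {
    report=$(cat)

    # Pull the first "SEGV on unknown address 0x..." value out of the report.
    addr=$(printf '%s\n' "$report" \
        | sed -n 's/.*SEGV on unknown address \(0x[0-9a-fA-F]*\).*/\1/p' \
        | head -n 1)

    if [ -z "$addr" ]; then
        # No SEGV line: either another ASAN report type (overflow, UAF, ...)
        # or a run that produced no sanitizer output at all.
        if printf '%s\n' "$report" | grep -q 'AddressSanitizer'; then
            echo other-asan
        else
            echo no-asan
        fi
        return 0
    fi

    # Drop the "0x" prefix and leading zeros; what is left is the significant hex digits.
    hex=$(printf '%s' "$addr" | sed 's/^0x0*//')

    # Three or fewer significant digits means the address is below 0x1000, i.e. inside
    # the unmapped zero page: a NULL pointer (or NULL plus a small field offset) was dereferenced.
    if [ "${#hex}" -le 3 ]; then
        echo null-deref
    else
        echo wild-access
    fi
}

# Constructed sample, copied from the report in this message (only the lines the classifier uses).
SAMPLE_REPORT='Some error occurred: 4
ASAN:SIGSEGV
==28253==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000411ded bp 0x7ffc323e2940 sp 0x7ffc323e2910 T0)
SUMMARY: AddressSanitizer: SEGV ??:0 ??
==28253==ABORTING'

printf '%s\n' "$SAMPLE_REPORT" | classify_asan
```

On the report above this prints `null-deref`. Pairing the helper with `-g` and `ASAN_OPTIONS=symbolize=1` (with `llvm-symbolizer` or `addr2line` on the PATH) turns the bare `#0 0x411dec` frames into file and line numbers, which is what a maintainer needs next.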