Monthly Archives: April 2020

re2c: heap overflow in Scanner::fill (scanner.cc)

Description: re2c is a tool for generating C-based recognizers from regular expressions. There is an heap overflow reproducible with a crafted file. ~ $ re2c -o /tmp/out $FILE ================================================================= ==43995==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x629000004212 at pc 0x00000049937f bp 0x7ffc0521bc00 … Continue reading

Posted in advisories, security | Leave a comment

Why I stopped fuzzing research

If you followed me in the past, you may have noticed that I stopped fuzzing research. During this time many people have asked me why…so instead of repeating the same answer every time, why not write a few lines about … Continue reading

Posted in advisories, gentoo, security | 4 Comments