Project

General

Profile

Actions

Bug #13242

closed

SIGSEGV in rb_bigzero_p()

Added by fumfel (Kamil Frankowicz) almost 8 years ago. Updated over 7 years ago.

Status:
Closed
Assignee:
-
Target version:
-
[ruby-core:79686]

Description

After some fuzz testing I found a crashing test case.

Git HEAD: fbd5cda6aad6db01bbca3d893a9970314a1bd52c

To reproduce: miniruby ruby_rb_bigzero_p.rb


Files

ruby_rb_bigzero_p.log (7.6 KB) ruby_rb_bigzero_p.log Error log fumfel (Kamil Frankowicz), 02/22/2017 01:29 PM
ruby_rb_bigzero_p.rb (14 Bytes) ruby_rb_bigzero_p.rb Crashing test case fumfel (Kamil Frankowicz), 02/22/2017 01:31 PM
Actions #1

Updated by nobu (Nobuyoshi Nakada) almost 8 years ago

  • Status changed from Open to Closed

Applied in changeset r57688.


rational.c: infinity in power

Updated by nobu (Nobuyoshi Nakada) almost 8 years ago

  • Backport changed from 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN to 2.2: REQUIRED, 2.3: REQUIRED, 2.4: REQUIRED

2.3 and earlier hung up before SEGV.

Updated by fumfel (Kamil Frankowicz) almost 8 years ago

This is CVE-2017-6212.

Updated by nobu (Nobuyoshi Nakada) almost 8 years ago

This is not vulnerability.

Updated by fumfel (Kamil Frankowicz) almost 8 years ago

Nobuyoshi Nakada wrote:

This is not vulnerability.

Right, I'm too fast ;-)

Updated by naruse (Yui NARUSE) almost 8 years ago

  • Backport changed from 2.2: REQUIRED, 2.3: REQUIRED, 2.4: REQUIRED to 2.2: REQUIRED, 2.3: REQUIRED, 2.4: DONE

ruby_2_4 r57911 merged revision(s) 57688,57689.

Updated by nagachika (Tomoyuki Chikanaga) almost 8 years ago

  • Backport changed from 2.2: REQUIRED, 2.3: REQUIRED, 2.4: DONE to 2.2: REQUIRED, 2.3: DONE, 2.4: DONE

ruby_2_3 r58060 merged revision(s) 57688,57689.

Updated by usa (Usaku NAKAMURA) over 7 years ago

  • Backport changed from 2.2: REQUIRED, 2.3: DONE, 2.4: DONE to 2.2: DONE, 2.3: DONE, 2.4: DONE

ruby_2_2 r58117 merged revision(s) 57688,57689.

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0