Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Various undeclared exceptions with fuzzed input #73

Closed
theobisproject opened this issue Nov 7, 2022 · 2 comments
Closed

Various undeclared exceptions with fuzzed input #73

theobisproject opened this issue Nov 7, 2022 · 2 comments
Assignees
Labels

Comments

@theobisproject
Copy link

I started fuzzing this library with https://github.com/CodeIntelligenceTesting/jazzer after originally fuzzing another library and seeing there some crashed in this projects code.

To reproduce the errors use the PropertyListParser.parse method.

The fuzzing treats all non declared exceptions as failure.
One file triggers the exception in BinaryPropertyListParser.doParse. Since normally no one would catch this exception I included it since changing this to a PropertyListFormatException could be reasonable.

plist-crash.zip

@3breadt 3breadt self-assigned this Nov 7, 2022
@3breadt 3breadt added the bug label Nov 7, 2022
3breadt added a commit that referenced this issue Nov 7, 2022
- Too short property list data was not correctly handled
- Invalid binary property list headers were not handled
- ASCII property lists with multi-line comments that do not end before the file ends caused endless loops and finally an ArrayIndexOutOfBoundsException
- Invalid characters in an ASCII property list's NSData object caused NumberFormatExceptions
@3breadt
Copy link
Owner

3breadt commented Nov 7, 2022

Thank you for these findings. The detected issues have been fixed, i.e. proper exceptions are now thrown.

@3breadt 3breadt closed this as completed Nov 7, 2022
@theobisproject
Copy link
Author

Thanks for the quick fix. I will continue fuzzing and see if more errors can be found.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants