See also wiki:CrashList.
Bugs reported
- ClamAV
- FreeType2
- gettext: LANGUAGE='../../../../../tmp' with non-suid programs
- glibc
- ImageMagick
- libpoppler
- libexif
- nm
- rpm
Bugs not yet reported
- file
  - crashes with an invalid magic.mgc file, which can be specified using -m
- mplayer
  - HOME='' makes mplayer crash, and it never exits
  - command line: -quiet -vo null -ao null -endpos 2
- Flash browser plugin
  - many crashes
- xterm
  - PATH=xxx /usr/bin/xterm ls
  - to crash xterm, the length of PATH should be odd (e.g. 41)
  - xterm/misc.c:2811: function xtermFindShell() doesn't allocate enough bytes to store the NUL byte
gettext
- gettext: library to translate (localize) strings (i18n/l10n)
- It's possible to use your own .mo file with this little hack:
$ mkdir /tmp/LC_MESSAGES
$ cp hello.mo /tmp/LC_MESSAGES/
$ LANGUAGE='../../../../../../../../tmp' ./hello
Erreur de segmentation
- Crashes were found by fuzzing near intl/dcigettext.c:934, but Bruno Haible (author of gettext) will not fix them (by adding more checks) because it « would not serve the purpose of a maximally efficient lookup of translations »
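The lookup behind this trick, as an added example (not from the original page and not gettext's own code): a simplified Python model showing where a LANGUAGE entry resolves and which entries leave the catalog root, so a launcher can drop them before starting a localized program. It assumes the catalog root /usr/share/locale and the usual localedir/LANGUAGE/LC_MESSAGES/domain.mo layout; the function names are hypothetical.

```python
import posixpath

# Assumption: default catalog root; real installs may use another prefix.
LOCALEDIR = "/usr/share/locale"


def catalog_path(language, domain, localedir=LOCALEDIR):
    """Return the .mo path one LANGUAGE entry resolves to (simplified model).

    Real gettext also tries locale-name variants and the kernel follows
    symlinks; neither is modelled here.
    """
    raw = f"{localedir}/{language}/LC_MESSAGES/{domain}.mo"
    return posixpath.normpath(raw)


def escapes_localedir(language, domain, localedir=LOCALEDIR):
    """True if the resolved catalog path lies outside the catalog root."""
    root = posixpath.normpath(localedir) + "/"
    return not catalog_path(language, domain, localedir).startswith(root)


def sanitized_language(value, domain="hello", localedir=LOCALEDIR):
    """Filter a colon-separated LANGUAGE value before passing it to a child.

    Entries containing '/' are dropped outright; the resolution check also
    catches a bare '..', which has no slash but still leaves the root.
    """
    kept = [
        entry
        for entry in value.split(":")
        if entry
        and "/" not in entry
        and not escapes_localedir(entry, domain, localedir)
    ]
    return ":".join(kept)


if __name__ == "__main__":
    # Constructed sample values; the first is the one used on this page.
    for lang in ("../../../../../../../../tmp", "..", "fr"):
        print(f"{lang!r:34} -> {catalog_path(lang, 'hello')}"
              f"  escapes={escapes_localedir(lang, 'hello')}")
    print(sanitized_language("fr:../../../../../tmp:..:de"))
```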
gstreamer
$ cd gst-plugins-base
$ ./configure --prefix=/opt/gstreamer CFLAGS="-O0 -ggdb" PKG_CONFIG_PATH=/opt/gstreamer/lib/pkgconfig/
python
$ ./configure --prefix=/opt/pythonsvn --with-pydebug && make && make install
With pydebug, use "export PYTHONTHREADDEBUG=1" to trace threading operations.
php
$ CFLAGS="-O0 -ggdb" ./configure --enable-debug --prefix=/opt/php && make && make install
Notes:
- The real function name is "zif_" + name (e.g. zif_count_chars for count_chars)
- Interesting files: main/php.h, main/php_config.h, Zend/zend.h
