Issue 31301: Python 2.7 SIGSEGV (original) (raw)

I can't reproduce it here:

Python 2.7.13 (default, Jan 19 2017, 14:48:08) [GCC 6.3.0 20170118] on linux2 Type "help", "copyright", "credits" or "license" for more information.

import ast s = open('id%3A000000,sig%3A11,src%3A000000,op%3Ahavoc,rep%3A32').read() ast.parse(s) Traceback (most recent call last): File "", line 1, in File "/usr/lib/python2.7/ast.py", line 37, in parse return compile(source, filename, mode, PyCF_ONLY_AST) TypeError: compile() expected string without null bytes

c@debian:/tools/afl/afl-2.50b/out_python/crashes$ ls -la total 160 drwx------ 2 c c 4096 Aug 31 00:23 . drwx------ 5 c c 4096 Sep 3 09:04 .. -rw------- 1 c c 29352 Aug 28 16:14 id:000000,sig:11,src:000000,op:havoc,rep:32 -rw------- 1 c c 62917 Aug 28 17:08 id:000001,sig:11,src:000000,op:havoc,rep:128 -rw------- 1 c c 15945 Aug 29 20:01 id:000002,sig:11,src:000000,op:havoc,rep:128 -rw------- 1 c c 34202 Aug 31 00:23 id:000003,sig:11,src:000000,op:havoc,rep:128 -rw------- 1 c c 641 Aug 28 16:14 README.txt c@debian:/tools/afl/afl-2.50b/out_python/crashes$

c@debian:~/tools/afl/afl-2.50b/out_python/crashes$ /usr/bin/python2.7 --version Python 2.7.9 (...) Python 2.7.9 (default, Jun 29 2016, 13:08:31) [GCC 4.9.2] on linux2

(...) c@debian:~/tools/afl/afl-2.50b/out_python/crashes$ gdb -q /usr/bin/python2.7 Reading symbols from /usr/bin/python2.7...(no debugging symbols found)...done. (gdb) r id:000001,sig:11,src:000000,op:havoc,rep:128 Starting program: /usr/bin/python2.7 id:000001,sig:11,src:000000,op:havoc,rep:128 [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault. 0x00000000004c7334 in ?? () (gdb) bt full #0 0x00000000004c7334 in ?? () No symbol table info available. #1 0x00000000004c7178 in ?? () No symbol table info available. #2 0x00000000004c3e0a in ?? () No symbol table info available. #3 0x00000000004c34de in PyParser_ASTFromFile () No symbol table info available. #4 0x00000000004f6bfc in PyRun_FileExFlags () No symbol table info available. #5 0x00000000004f5d37 in PyRun_SimpleFileExFlags () No symbol table info available. #6 0x00000000004981cd in Py_Main () No symbol table info available. #7 0x00007ffff6f12b45 in __libc_start_main (main=0x497c60

, argc=2, argv=0x7fffffffe6a8, init=, fini=, rtld_fini=, stack_end=0x7fffffffe698) at libc-start.c:287 result = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 5508890025450822687, 4815714, 140737488348832, 0, 0, -5508890024716772321, -5508905476226917345}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x603cd0 <__libc_csu_init>, 0x7fffffffe6a8}, data = {prev = 0x0, cleanup = 0x0, canceltype = 6307024}}} not_first_call = #8 0x0000000000497b8b in _start () No symbol table info available. (gdb)

(gdb) i r rax 0x0 0 rbx 0xa17b40 10582848 rcx 0x0 0 rdx 0x800000000000 140737488355328 rsi 0xa87001 11038721 rdi 0xa17b40 10582848 rbp 0xa87000 0xa87000 rsp 0x7fffffffe160 0x7fffffffe160 r8 0x1c0800000000000 126241527054729216 r9 0x0 0 r10 0x7fffffffe26d 140737488347757 r11 0x1 1 r12 0x1 1 r13 0xa17b68 10582888 r14 0xa17ee0 10583776 r15 0x0 0 rip 0x4c7334 0x4c7334 eflags 0x10212 [ AF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 (gdb)