Stack Overflow in sassc #3000
Comments
Being tracked as CVE-2019-18797.
This works ok for me, what stack size did you give sassc?
I'll keep it open as I haven't fully tested it under ASAN.
@mgreter was this issue ever addressed?
Hey @NicoleG25, no we don't really currently address stack overflows, since with a decent OS this will result in a crash. If you can tell me how to avoid this with a recursive parser on any env, I'm all ears. This is similar to when you feed a too big source file to GCC/Clang or any other compiler. LibSass is not different in that regard and dependent on how much stack space you give it during compilation. We might improve this on certain OS, e.g. by catching Structured Exception on Windows or setting rlimit, or SIGSEGV on Linux. But we will never be completely safe on all systems.
We found Stack Overflow in sassc binary and sassc is compiled with clang enabling ASAN.
Machine Setup
Compilation : CC=afl-clang-fast CXX=afl-clang-fast++ AFL_USE_ASAN=1 make -C sassc -j4
POC : POC.scss.zip
ASAN Output