version: libsass3.5-stable Summary: There is a Segmentation fault at Sass::Eval::operator in libsass3.5-stable. $./sassc POC1 Segmentation fault The GDB debugging information is as follow (gdb) set args POC1 (gdb) r Program received signal SIGSEGV, Segmentation fault. 0x00000000004a0d23 in Sass::Eval::operator()(Sass::Binary_Expression*) () ...
Hello shuitao, is this the same problem of: https://bugzilla.redhat.com/show_bug.cgi?id=1482397 (and CVE-2017-12964)? Thanks!
Please attach POC1 to this issue report, thank you.
It's triggered in latest version.
Created attachment 1505523 [details] ./sassc POC1
This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to '31'.
This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to 31.
Red Hat Bugzilla is not an appropriate forum for reporting security bugs in upstream components. As you can see, your bug report here has been ignored for several years, and will likely continue to be ignored, so I'm going to go ahead and close it. Please feel free to report this upstream if you want the developers to look at it.