Bug 1484284 - There is an illegal address access in tic.c of libncurses.
Summary: There is an illegal address access in tic.c of libncurses.
Status: CLOSED DUPLICATE of bug 1488917
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ncurses (Show other bugs)
(Show other bugs)
Version: 7.5-Alt
Hardware: Unspecified Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Miroslav Lichvar
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: CVE-2017-13730
TreeView+ depends on / blocked
 
Reported: 2017-08-23 07:56 UTC by owl337
Modified: 2018-07-27 15:24 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-07-27 15:24:17 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Triggered by " ./tic POC9 " (419 bytes, application/x-rar)
2017-08-23 07:56 UTC, owl337
no flags Details

Description owl337 2017-08-23 07:56:16 UTC
Created attachment 1316977 [details]
Triggered by "  ./tic POC9 "

Description of problem:

There is an illegal address access in tic.c of libncurses.

Version-Release number of selected component (if applicable):

<= latest version

How reproducible:

./tic POC9

Steps to Reproduce:

The GDB debugging information is as follows:
(gdb) set args POC9
(gdb) r 
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/icy/secreal/ncurses-6.0-20170819/install/bin/tic id:000152,sig:11,src:002053,op:havoc,rep:32

Breakpoint 2, main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,
(gdb) c 
Continuing.
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 34, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 34, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 37, terminal 'a': Legacy termcap allows only a trailing tc= clause
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 37, terminal 'a': unknown capability '49'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 39, terminal 'a': Illegal character - '\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 39, terminal 'a': unknown capability 'r'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 41, terminal 'a': unknown capability 'a'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 73, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 73, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 74, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 86, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 86, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 87, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 2, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 2, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 2, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 4, col 42, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 4, col 42, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 31, terminal 'a': Illegal character - '^F'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 31, terminal 'a': unknown capability 'u'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 32, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^K'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 44, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 44, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 45, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 109, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 109, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 110, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 122, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 122, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 123, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 145, terminal 'a': Illegal character - '\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 145, terminal 'a': wrong type used for string capability 'useuj'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 7, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 8, col 42, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 8, col 42, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 31, terminal 'a': Illegal character - '^F'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 31, terminal 'a': unknown capability 'u'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 32, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^K'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 44, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 44, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 45, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 109, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 109, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 110, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 122, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 122, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 123, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 145, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 145, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 146, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 11, col 13, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 11, col 13, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 11, col 14, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 12, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 12, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 12, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 15, terminal 'a': Illegal character '~?' in \ sequence
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 18, terminal 'a': Illegal character - '^F'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 18, terminal 'a': unknown capability 'u'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 19, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^K'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 31, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 31, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 32, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 70, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 70, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 71, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 83, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 83, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 84, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 15, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 15, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 15, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 18, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 18, col 17, terminal 'a': wrong type used for string capability 'kus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 18, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 38, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 38, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 39, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 47, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 47, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 48, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 20, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 20, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 20, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 14, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 14, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 15, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 27, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 27, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 28, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 24, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 24, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 24, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 48, terminal 'a': Illegal character - '~I'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 26, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 26, col 17, terminal 'a': wrong type used for string capability 'kas'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 26, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 24, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 24, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 25, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 33, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 33, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 34, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 28, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 28, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 28, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 29, col 28, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 29, col 28, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 29, col 29, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 30, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 30, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 30, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 32, col 13, terminal 'a': Missing separator
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 33, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 37, col 13, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 37, col 13, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 37, col 14, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 38, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 38, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 38, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 22, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 22, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 23, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 74, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 74, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 75, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 40, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 40, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 40, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 43, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 43, col 17, terminal 'a': wrong type used for string capability 'kus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 43, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 38, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 38, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 39, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 47, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 47, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 48, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 25, terminal 'a': Illegal character - '{'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 25, terminal 'a': wrong type used for string capability 'us'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 28, terminal 'a': unknown capability 'a'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 34, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 34, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 35, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 50, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 50, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 50, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 52, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 52, col 17, terminal 'a': wrong type used for string capability 'kas'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 52, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 38, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 38, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 39, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 47, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 47, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 48, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 55, col 52, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 55, col 52, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 55, col 53, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 56, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 56, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 56, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 24, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 24, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 25, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 37, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 37, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 38, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 61, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 61, col 17, terminal 'a': wrong type used for string capability 'kus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 61, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 63, col 17, terminal 'a': Missing separator
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^A'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 17, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 17, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 44, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 44, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 45, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 57, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 57, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 58, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 65, col 30, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^J'

Breakpoint 1, 0x000000000040303d in main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,
(gdb) s

Program received signal SIGSEGV, Segmentation fault.
0x000000000040303d in main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,
(gdb) 

Trigged in:
main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,


Actual results:

crash

Expected results:

crash

Additional info:

Credits:

This vulnerability is detected by team OWL337, with our custom fuzzer collAFL. Please contact ganshuitao@gmail.com   and chaoz@tsinghua.edu.cn if you need more info about the team, the tool or the vulnerability.

Comment 2 Thomas E. Dickey 2017-08-25 22:29:36 UTC
tic.c is not in a library

Comment 3 Thomas E. Dickey 2017-08-26 00:36:33 UTC
I made a fix for this report which will be in the next set of updates.


Note You need to log in before you can comment on or make changes to this bug.