Overview
| Artifact ID: | 065f99a9cd09d4e76429832f033a7f72b62089b9 |
|---|---|
| Ticket: | 8aa32fadb361b076d66aa37d44b6eaa43eca078d
Tcl_CreateFileHandler crash |
| User & Date: | anonymous 2013-12-03 21:56:33 |
Changes
- comment changed to:
[root@<removed> fuzz]# cat libtcl85.py # # Libtcl 8.5 createfilehandler() crash poc # # Level was here # import _tkinter def errback(*args, **kw): raise ValueError('error') _tkinter.createfilehandler(674664117164,59.58,errback) [root@eagle876 fuzz]# gdb --args python libtcl85.py GNU gdb (GDB) Red Hat Enterprise Linux (7.2-60.el6_4.1) Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/python...(no debugging symbols found)...done. Missing separate debuginfos, use: debuginfo-install python-2.6.6-37.el6_4.i686 python-2.6.6-37.el6_4.x86_64 (gdb) r Starting program: /usr/bin/python libtcl85.py [Thread debugging using libthread_db enabled] libtcl85.py:8: DeprecationWarning: integer argument expected, got float _tkinter.createfilehandler(674664117164,59.58,errback) Program received signal SIGSEGV, Segmentation fault. 0x00007ffff05879cd in Tcl_CreateFileHandler () from /usr/lib64/libtcl8.5.so (gdb) q The second parameter typically contains an int, when provided a float a crash occurs in libtcl8.5.so. - login: "anonymous"
- mimetype: "text/plain"