[nelhage@penguin:~/code/oss-fuzz]$ echo '(<~~) cvx stopped clear' | ~/code/ghostpdl/bin/gs
GPL Ghostscript GIT PRERELEASE 9.25 (2018-09-03)
Copyright (C) 2018 Artifex Software, Inc.  All rights reserved.
This software comes with NO WARRANTY: see the file PUBLIC for details.
GS>=================================================================
==32409==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62a000557050 at pc 0x0000015389b3 bp 0x7fff148f8e50 sp 0x7fff148f8e48
READ of size 1 at 0x62a000557050 thread T0
    #0 0x15389b2 in gs_scan_token (/home/nelhage/code/ghostpdl/bin/gs+0x15389b2)
    #1 0x151fd67 in gs_interpret (/home/nelhage/code/ghostpdl/bin/gs+0x151fd67)
    #2 0x150218f in gs_main_run_string_with_length (/home/nelhage/code/ghostpdl/bin/gs+0x150218f)
    #3 0x150ab3a in gs_main_run_start (/home/nelhage/code/ghostpdl/bin/gs+0x150ab3a)
    #4 0x58a5d8 in main (/home/nelhage/code/ghostpdl/bin/gs+0x58a5d8)
    #5 0x77fc5cb5d2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #6 0x491799 in _start (/home/nelhage/code/ghostpdl/bin/gs+0x491799)

0x62a000557050 is located 0 bytes to the right of 20048-byte region [0x62a000552200,0x62a000557050)
allocated by thread T0 here:
    #0 0x553508 in __interceptor_malloc (/home/nelhage/code/ghostpdl/bin/gs+0x553508)
    #1 0x10d2c3e in gs_heap_alloc_bytes (/home/nelhage/code/ghostpdl/bin/gs+0x10d2c3e)
Fixed in: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0d8c7d56374