djdron / unrealspeccyp / issues / #5 - Crashes during parse/load of .tzx — Bitbucket

Issue #5 new

Konstantin Mochalov created an issue 2015-04-17

Fuzzed Unreal Speccy Portable with AFL, found samples of .tzx files that crash it.

Samples 6, 165, 166, 167 known to crash regular Mac OS build of Unreal Speccy Portable 0.0.56.1 (when opened using File -> Open or by double-clicking in Finder), while many others cause crash only when Unreal Speccy Portable is built with Address Sanitizer.

Comments (5)

Konstantin Mochalov reporter
- attached testing.diff
Fuzzed using modified 'benchmark' program, here is diff showing what was changed
- removed running emulation cycles, left only loading of input file
- removed time calculation
- removed Handler()->OnDone()
- removed assert(!speccy) in eSpeccyHandler destructor because of removed Handler()->OnDone() -- after test file is loaded, we can just end execution and don't bother more
- removed Reset() in Speccy constructor, it slowed down tests significantly -- I don't need emulation in tests, only loading of .tzx
- 2015-04-17T11:32:38+00:00
Konstantin Mochalov reporter
- attached stacktraces.tar.bz2
Stacktraces for each sample.
- 2015-04-17T17:13:17+00:00
Konstantin Mochalov reporter
- attached unreal_speccy_portable_crashes_tap.zip
Sorry, that stacktraces were for .tap samples, not .tzx. Here are .tap samples that cause crash.
- 2015-04-17T17:28:35+00:00
Konstantin Mochalov reporter
- attached stacktraces-tzx.zip
Stacktraces for .tzx samples
- 2015-04-17T17:34:58+00:00
Andrey Dj repo owner
thank you for investigations!)
- 2015-04-19T23:28:23+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: new

Votes: 0

Watchers: 2

Jira: the preferred issue tracker for Bitbucket. Join the team!