Ubuntu
sed package

sed segfaults on L command with long address lengths

Bug #1400575 reported by Jodie Cunningham on 2014-12-09

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	sed (Ubuntu)	Triaged	Medium	Unassigned

Bug Description

To reproduce, run:
sed 'L222222' <<<d

These do not segfault:
sed 'L22222' <<<d
sed 'L2222222222222222222222222' <<<d

I do not have any expected behavior for this as it was just found by the fuzzer AFL.

System is AMD64
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty

sed:
  Installed: 4.2.2-4ubuntu1
  Candidate: 4.2.2-4ubuntu1
  Version table:
*** 4.2.2-4ubuntu1 0
        500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
        100 /var/lib/dpkg/status

Revision history for this message

penalvch (penalvch) wrote on 2014-12-09:

Jodie Cunningham, thank you for reporting this bug and helping make Ubuntu better. This is reproducible as per https://bugs.launchpad.net/ubuntu/+source/sed/+bug/1400611 . Hence, the issue you are reporting is an upstream one. Could you please report this problem to them by e-mailing <email address hidden> CC <email address hidden> as per the man page?

Thank you for your understanding.

Changed in sed (Ubuntu):
importance:	Undecided → Medium
status:	New → Triaged

Revision history for this message

Jodie Cunningham (jodie-cunningham) wrote on 2014-12-09:

Bug report sent upstream as requested.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntused package