Attempt to perform arithmetic on a nil value within parser:parse() call #106

@Antwy

Hello,

I was playing with a libFuzzer-based Lua fuzzer called luzer and found a crash in the parser:parse() call.
The crash occurs when loading the crash-4348634f6b8a3cb546a334528172d17549e49a03.txt file. You can use Docker and the fuzz targets from oss-sydr-fuzz to reproduce the error:

/fuzz/stdin_parse_xml.lua < crash-00392e7545ad23ce26c768fafa8c14291b91eec0.txt

Stacktrace output:

lua: /usr/local/share/lua/5.1/XmlParser.lua:303: attempt to perform arithmetic on field 'extEnd' (a nil value)
stack traceback:
	/usr/local/share/lua/5.1/XmlParser.lua:303: in function 'parseNormalTag'
	/usr/local/share/lua/5.1/XmlParser.lua:356: in function 'parseTagType'
	/usr/local/share/lua/5.1/XmlParser.lua:428: in function 'parse'
	./oss/stdin_parse_xml.lua:12: in function 'TestOneInput'
	./oss/stdin_parse_xml.lua:17: in main chunk
	[C]: ?
