incorrect decode of %00 in query string leads to out of bound reads when printing the param key #266
Comments
hmm digging into this more, it seems like something seriously breaks when it's decoding a query greater than 32 with a null in the string. very strange. it breaks in a similar way if you do
I also wouldn't be surprised if it has a similar root cause #262
This is very similar to #265 but unsure if it's the same root cause so I'm opening a separate issue. Please close this one if they appear to be the same root cause.
trurl incorrectly decodes a `%00` found in the query string part of a URL, which causes out of bound reads when trying to print the result with `--json`.
Example (note the random data in the `key` of the param):
With ASan enabled:
This bug was discovered with the help of AFL++ in combination with ASan.
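An added example, not part of the issue and not trurl's code: it shows the general hazard behind this kind of report, where percent-decoding `%00` leaves a zero byte inside the data so that a terminator-based view and the real length disagree. `hexval`, `pct_decode` and `json_string` are hypothetical helpers, the sample query is constructed, and nothing here is a claim about trurl's actual root cause.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static int hexval(int c) {                  /* hex digit value, or -1 */
    if (c >= '0' && c <= '9') return c - '0';
    c |= 0x20;                              /* fold A-F to a-f */
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}
/* Hypothetical helper: decode in[0..inlen) into out (capacity >= inlen); returns the length, zero bytes included. */
size_t pct_decode(const char *in, size_t inlen, unsigned char *out) {
    size_t i = 0, o = 0;
    int hi, lo;
    while (i < inlen) {
        if (in[i] == '%' && inlen - i >= 3 &&
            (hi = hexval(in[i + 1])) >= 0 && (lo = hexval(in[i + 2])) >= 0) {
            out[o++] = (unsigned char)(hi * 16 + lo);
            i += 3;
        } else {
            out[o++] = (unsigned char)in[i++];   /* malformed escape stays literal */
        }
    }
    return o;
}
/* Hypothetical helper: write s[0..len) as a JSON string, driven by len and never by a terminator; 0 if dst is too small. */
size_t json_string(const unsigned char *s, size_t len, char *dst, size_t cap) {
    size_t o = 0;
    if (cap < 3) return 0;
    dst[o++] = '"';
    for (size_t i = 0; i < len; i++) {
        if (cap - o < 8) return 0;          /* room for \uXXXX, closing quote, NUL */
        if (s[i] < 0x20)
            o += (size_t)snprintf(dst + o, cap - o, "\\u%04x", (unsigned)s[i]);
        else {
            if (s[i] == '"' || s[i] == '\\') dst[o++] = '\\';
            dst[o++] = (char)s[i];          /* bytes >= 0x80 pass through unchanged */
        }
    }
    dst[o++] = '"';
    dst[o] = '\0';
    return o;
}

int main(void) {
    unsigned char dec[8]; char js[64];
    size_t n = pct_decode("a%00b", 5, dec);     /* constructed sample query */
    json_string(dec, n, js, sizeof js);
    printf("len=%zu strlen=%zu json=%s\n", n, strlen((char *)dec), js);
}
```

Any code path that hands the decoded buffer to `strlen`, `%s` or `strchr` sees a shorter string than the one the decoder produced, so offsets computed from one view are invalid in the other.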