heap buffer overflow in cmListFileLexer.c:2569
Hi, I am working on a project in which I use the AFL fuzzer to search for bugs in open source software and I decided to fuzz cmake. In doing so I discovered a heap buffer overflow in cmListFileLexer.c. It is reproducible through compiling cmake with the address sanitizer and calling cmake in the directory in which the attached file is located.
It is also possible to add characters to the end of both of the lines in the attached file, which causes cmake to produce an ever larger heap overflow and may even cause a segmentation fault. It seems, however, that the number of characters in the first line is linked to the number of characters in the bottom line, as it is only possible to reproduce this bug by increasing both of them simultaneously.
I was able to reproduce this bug on a Debian system with an off-the-shelf cmake installation, as well as on Arch Linux.