Skip to content

fuzzing crash (stack-overflow) in simplecpp::Macro::expandToken() #662

Open
Open
fuzzing crash (stack-overflow) in simplecpp::Macro::expandToken()#662
Labels
bugcrash
@firewave

Description

@firewave
firewave
opened on Jun 16, 2026
#define f)g(
#define g(x)g(g(g(x))
f))))))))))))
AddressSanitizer:DEADLYSIGNAL
=================================================================
==250913==ERROR: AddressSanitizer: stack-overflow on address 0x7ffd380f1ff8 (pc 0x7fa91bf3d167 bp 0x7ffd380f2>
    #0 0x7fa91bf3d167  (/usr/lib/libasan.so.8+0x13d167) (BuildId: ee5fbab73143ab257a66a33afe0f038a4af7a74e)
    #1 0x7fa91bf2d370 in operator new(unsigned long) (/usr/lib/libasan.so.8+0x12d370) (BuildId: ee5fbab73143a>
    #2 0x559390b352f2 in std::__new_allocator<simplecpp::Token const*>::allocate(unsigned long, void const*) >
    #3 0x559390b352f2 in std::allocator_traits<std::allocator<simplecpp::Token const*> >::allocate(std::alloc>
    #4 0x559390b352f2 in std::_Vector_base<simplecpp::Token const*, std::allocator<simplecpp::Token const*> >>
    #5 0x559390b352f2 in void std::vector<simplecpp::Token const*, std::allocator<simplecpp::Token const*> >:>
    #6 0x559390b35eb3 in void std::vector<simplecpp::Token const*, std::allocator<simplecpp::Token const*> >:>
    #7 0x559390b35eb3 in simplecpp::Macro::getMacroParameters(simplecpp::Token const*, bool) const /home/user>
    #8 0x559390b52e2a in simplecpp::Macro::expand(simplecpp::TokenList&, simplecpp::Location const&, simplecp>
    #9 0x559390b45e75 in simplecpp::Macro::expandArg(simplecpp::TokenList&, simplecpp::Token const*, simplecp>
    #10 0x559390b48e15 in simplecpp::Macro::expandToken(simplecpp::TokenList&, simplecpp::Location const&, si>
[...]
    #248 0x559390b5415b in simplecpp::Macro::expand(simplecpp::TokenList&, simplecpp::Location const&, simple>
    #249 0x559390b45e75 in simplecpp::Macro::expandArg(simplecpp::TokenList&, simplecpp::Token const*, simple>
    #250 0x559390b48e15 in simplecpp::Macro::expandToken(simplecpp::TokenList&, simplecpp::Location const&, s>

SUMMARY: AddressSanitizer: stack-overflow /home/user/CLionProjects/simplecpp/simplecpp.cpp:1874 in simplecpp:>
==250913==ABORTING

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugcrash

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions