Ruby

I've fuzzed some crashes in the marshal loader. The docs are explicit about not handing untrusted data to these methods and all appear to be NULL derefs from RSTRING_PTR() (I checked the first few by hand and ran exploitable over the remainder) so not obviously catastrophic from a security perspective.

Attached please find a tgz containing the input data (from afl) and gdb session output (backtrace, set args ..., run, exploitable).

To reproduce from the command line:

ruby -e 'Marshal.load(STDIN)' < id:000001,sig:11,src:003955,op:havoc,rep:4

Today's ruby-2.2-head is affected, and as far back as ruby-2.1.5 at least (possibly earlier).