New issue
Advanced search Search tips

Issue 601603 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: May 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Adding FFMPEG security regression test

Project Member Reported by tguilbert@chromium.org, Apr 7 2016

Issue description

Cluster fuzz reported a heap buffer overflow in  http://crbug.com/599625  and
 http://crbug.com/599846 .

This change adds an FFMPEG regression test that should be run on an ASAN build.

DaleCurtis will take care of uploading the fuzzed media. Uploading the media from 599625 should cover both cases. The media can be found on the orignal clusterfuzz report https://cluster-fuzz.appspot.com/testcase?key=5465468940320768 or here directly https://cluster-fuzz.appspot.com/download/AMIfv94Y_hu_e_RviVRmA4x2Gv3p9Y5GMKO5uKnIsdbWtM8S68gOiP4Qsz5wt4w8MbUo3SX2z_1bbgzPPmSWeYBnmvjZxAT1rBeG5OefCilgxfYF5ct66ABclZaUFy7pLlZ4amhfGzvaDx3Edj4GbRFn7qBdCmFT4nJ6Z4aTgdqQ0afzzI346Dk

 

Comment 1 by kenrb@chromium.org, Apr 8 2016

Components: Security
Labels: -Type-Bug-Security Type-Bug
Project Member

Comment 2 by bugdroid1@chromium.org, Apr 8 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/fdd3baca0c7713dddbfc97585ca9a854ea4747b4

commit fdd3baca0c7713dddbfc97585ca9a854ea4747b4
Author: tguilbert <tguilbert@chromium.org>
Date: Fri Apr 08 03:05:58 2016

Add ffmpeg security regression test

Adds a test for the clusterfuzz failures found in ASAN builds.
See  crbug.com/599625  and  crbug.com/599846 

BUG= 601603 
TEST=ran ffmpeg_regression_test, with and without the fix
REVIEW=dalecurtis

Review URL: https://codereview.chromium.org/1872643002

Cr-Commit-Position: refs/heads/master@{#385961}

[modify] https://crrev.com/fdd3baca0c7713dddbfc97585ca9a854ea4747b4/media/ffmpeg/ffmpeg_regression_tests.cc

Status: Fixed (was: Assigned)

Sign in to add a comment