Issue 618998 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	dsinclair@chromium.org
Closed:	Aug 2016
Components:	Internals>Plugins>PDF
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug
Te-Logged Reproducible Stability-Memory-AddressSanitizer Stability-Memory-LeakSanitizer Stability-Libfuzzer Clusterfuzz

Direct-leak in png_malloc_base

Project Member Reported by ClusterFuzz, Jun 10 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5112047268528128

Fuzzer: pdf_codec_png_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address: 
Crash State:
  png_malloc_base
  png_malloc_warn
  png_handle_pCAL
  

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95k3lyawF1R_RfJQXZC7MZ1fF2ll33cBLKnZX7-UHjUo703jxJTI-OPdDl9mO-q6nGOI8N8x_G3jdrilSE81zyNjhuyQ3RrYHJoJgsyUf1ZkrUYdrhem5heKF-SpHXPGgDCIZYwgK3RAN0DcYnpvhGZqrSpyQ


Filer: ashejole

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Comment 1 by ashej...@chromium.org, Jun 10 2016

Components: Tools>Test>FindIt>NoResult
Labels: Te-Logged

Comment 2 by ashej...@chromium.org, Jun 10 2016

Labels: Needs-triage
Status: Untriaged (was: Available)

Comment 3 by thestig@chromium.org, Jul 16 2016

Components: Internals>Plugins>PDF
Labels: -Needs-triage

Project Member

Comment 4 by ClusterFuzz, Jul 31 2016

ClusterFuzz has detected this issue as fixed in range 408389:408457.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5112047268528128

Fuzzer: pdf_codec_png_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address: 
Crash State:
  png_malloc_base
  png_malloc_warn
  png_handle_pCAL
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=398287:398366
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=408389:408457

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95k3lyawF1R_RfJQXZC7MZ1fF2ll33cBLKnZX7-UHjUo703jxJTI-OPdDl9mO-q6nGOI8N8x_G3jdrilSE81zyNjhuyQ3RrYHJoJgsyUf1ZkrUYdrhem5heKF-SpHXPGgDCIZYwgK3RAN0DcYnpvhGZqrSpyQ?testcase_id=5112047268528128


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 5 by dsinclair@chromium.org, Aug 2 2016

Owner: dsinclair@chromium.org
Status: Fixed (was: Untriaged)

Marking fixed as per #4.

Comment 6 by kateso...@chromium.org, Oct 18 2016

Components: -Tools>Test>FindIt>NoResult

Project Member

Comment 7 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 618998 link

Issue metadata

Direct-leak in png_malloc_base

Issue description

Comment 1 by ashej...@chromium.org, Jun 10 2016

Comment 1 Deleted

Comment 2 by ashej...@chromium.org, Jun 10 2016

Comment 2 Deleted

Comment 3 by thestig@chromium.org, Jul 16 2016

Comment 3 Deleted

Comment 4 by ClusterFuzz, Jul 31 2016

Comment 4 Deleted

Comment 5 by dsinclair@chromium.org, Aug 2 2016

Comment 5 Deleted

Comment 6 by kateso...@chromium.org, Oct 18 2016

Comment 6 Deleted

Comment 7 by sheriffbot@chromium.org, Nov 22 2016

Comment 7 Deleted

Sign in to add a comment