Undefined-shift in InitTable
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6294068934213632

Fuzzer: libfuzzer_pdf_codec_png_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  InitTable
  gif_load_frame
  CCodec_GifModule::LoadFrame

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=398272:398351

Minimized Testcase (3.04 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94nFyE1Bg6A6IOOco71xG5GbGZ9d5I6akb2KMvP-PadzKuurBLR4M9lw0YDDnHxBHKRiDYa1GIXlCZqyx037df-l-loZSjqoUVAbZyfMQSoRRPTZwKOMznslxBLgN-ylyBFQjRHUpD_DeEshWgzlTv6zSJqMg

Filer: mmoroz

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Jun 16 2016

Jun 16 2016

Jun 22 2016
Jul 12 2016

ClusterFuzz has detected this issue as fixed in range 400146:400258.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6294068934213632

Fuzzer: libfuzzer_pdf_codec_png_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  InitTable
  gif_load_frame
  CCodec_GifModule::LoadFrame

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=398272:398351
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400146:400258

Minimized Testcase (3.04 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94nFyE1Bg6A6IOOco71xG5GbGZ9d5I6akb2KMvP-PadzKuurBLR4M9lw0YDDnHxBHKRiDYa1GIXlCZqyx037df-l-loZSjqoUVAbZyfMQSoRRPTZwKOMznslxBLgN-ylyBFQjRHUpD_DeEshWgzlTv6zSJqMg?testcase_id=6294068934213632

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 14 2016

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5254845900783616

Fuzzer: libfuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  InitTable
  gif_load_frame
  CCodec_GifModule::LoadFrame

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=398351:399229

Minimized Testcase (0.04 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96XxRfJVAFKL25ax0gM2CQLY8Sb52B4yv_L74wg5x99tJes6yWuT6Mam4pVihLuOps5_NWDSeLhlDiqz2ob3P7GjAOwjsc8xabxliI6e2R-nr1r3MFS6RrI5awAXgY_IkOT19Pj1omFwNmMU9MJgoYHafsjHg?testcase_id=5254845900783616

Filer: ranjitkan

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Jul 29 2016

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6130838983147520

Fuzzer: libfuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  InitTable
  gif_load_frame
  CCodec_GifModule::LoadFrame

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400697:402043

Minimized Testcase (0.04 Kb): https://cluster-fuzz.appspot.com/download/AMIfv961wlOOPRkPFNQ4FilPTVYT-DAMJG5st8dJ90JwZ-hLEIm5Wrw_OfxakRu02XFzmZ5onXz5C2k62iFyZnJk48lku__WvmOZtylTF0BDob0b3WF09riyTV6JjuTiAqvsMib2NkopfPk2U54nCvSN2uYN0iO6yg?testcase_id=6130838983147520

Filer: mmohammad

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Oct 4 2016

Hi hong_zhang@, ClusterFuzz has detected this issue as fixed, so can we close this issue as fixed?
Oct 4 2016

Hi Soushi@, please go ahead.
Oct 4 2016

While detected fixed in #5, it looks like it wasn't fixed in #6 or #7. Can we please make sure we test for a repro before closing.
Nov 22 2016

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage

- Your friendly Sheriffbot
Jan 9 2017

https://pdfium-review.googlesource.com/c/2161/
Jan 10 2017

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/c21db481b563e7a38dc6820bc84fca1db10873d4

commit c21db481b563e7a38dc6820bc84fca1db10873d4
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Tue Jan 10 21:17:38 2017

Roll src/third_party/pdfium/ d18b86743..29a9f87a8 (1 commit).

https://pdfium.googlesource.com/pdfium.git/+log/d18b8674378b..29a9f87a8bcd

$ git log d18b86743..29a9f87a8 --date=short --no-merges --format='%ad %ae %s'
2017-01-10 npm Restrict code size in CGifLZWDecoder

BUG= 620661

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls

TBR=dsinclair@chromium.org

Review-Url: https://codereview.chromium.org/2625763002
Cr-Commit-Position: refs/heads/master@{#442689}

[modify] https://crrev.com/c21db481b563e7a38dc6820bc84fca1db10873d4/DEPS
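The PDFium change rolled in by the commit above is titled "Restrict code size in CGifLZWDecoder", which names the class of check the UBSan report in this thread calls for. What follows is an added illustrative example written for this page, not PDFium's CGifLZWDecoder or any code from the thread: a GIF LZW table initialiser that bounds the untrusted "LZW minimum code size" byte before using it as a shift width. The byte comes straight from the image data stream, and the initial table is derived from it as `1 << code_size` (clear code, end code, first free slot), so an unbounded value of 32 or more makes that shift undefined, which is exactly what UBSan reports as "Undefined-shift". The example rejects widths outside the 2..8 range GIF89a permits for the initial code size and caps the growing width at GIF's 12-bit code limit; every type and function name below is an assumption, and the sample width bytes in `main` are constructed.

```c
/* Added example (not PDFium's CGifLZWDecoder): initialising a GIF LZW code
 * table from the untrusted "LZW minimum code size" byte.  All names are
 * assumptions for illustration.  The unsafe pattern is `1 << code_size`
 * with a width taken straight from the file; for a width >= 32 (or a signed
 * shift into the sign bit) the shift is undefined.  The remedy is to reject
 * widths outside the range the format allows before any shift happens. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GIF_MIN_INIT_CODE_SIZE 2u  /* GIF89a: smallest initial code size */
#define GIF_MAX_INIT_CODE_SIZE 8u  /* GIF89a: largest (256-colour) size   */
#define GIF_MAX_CODE_BITS     12u  /* GIF89a: codes never exceed 12 bits  */

struct lzw_table {
    uint16_t clear_code;  /* resets the dictionary      */
    uint16_t end_code;    /* marks end of image data     */
    uint16_t next_code;   /* next free dictionary slot   */
    uint8_t  code_size;   /* current code width in bits  */
};

/* Validate the width, then build the initial table.  Returns false for a
 * width outside 2..8 so that the shift below is always defined. */
bool gif_lzw_init_table(uint8_t min_code_size, struct lzw_table *t)
{
    if (min_code_size < GIF_MIN_INIT_CODE_SIZE ||
        min_code_size > GIF_MAX_INIT_CODE_SIZE)
        return false;
    t->clear_code = (uint16_t)(1u << min_code_size);  /* defined: width <= 8 */
    t->end_code   = (uint16_t)(t->clear_code + 1);
    t->next_code  = (uint16_t)(t->clear_code + 2);
    t->code_size  = (uint8_t)(min_code_size + 1);
    return true;
}

/* Reserve one dictionary slot, widening the code size once the current
 * width is exhausted.  Refuses when all 4096 codes are in use: a decoder
 * must then wait for a clear code rather than grow past 12 bits. */
bool gif_lzw_add_code(struct lzw_table *t)
{
    if (t->next_code >= (1u << GIF_MAX_CODE_BITS))
        return false;
    t->next_code++;
    if (t->next_code == (1u << t->code_size) && t->code_size < GIF_MAX_CODE_BITS)
        t->code_size++;
    return true;
}

/* Plain-integer wrappers so the behaviour can be checked without a struct. */
int gif_lzw_initial_code_size(uint8_t min_code_size)
{
    struct lzw_table t;
    return gif_lzw_init_table(min_code_size, &t) ? t.code_size : -1;
}

int gif_lzw_initial_clear_code(uint8_t min_code_size)
{
    struct lzw_table t;
    return gif_lzw_init_table(min_code_size, &t) ? t.clear_code : -1;
}

/* Codes that can be added after init before the table is full (-1: rejected). */
int gif_lzw_codes_until_full(uint8_t min_code_size)
{
    struct lzw_table t;
    int added = 0;
    if (!gif_lzw_init_table(min_code_size, &t))
        return -1;
    while (gif_lzw_add_code(&t))
        added++;
    return added;
}

/* Code width reached once the table is full (12 for every valid input). */
int gif_lzw_final_code_size(uint8_t min_code_size)
{
    struct lzw_table t;
    if (!gif_lzw_init_table(min_code_size, &t))
        return -1;
    while (gif_lzw_add_code(&t))
        ;
    return t.code_size;
}

int main(void)
{
    /* Constructed inputs: two normal widths and two hostile width bytes. */
    const uint8_t inputs[] = { 8, 2, 0x7f, 0x00 };
    for (size_t i = 0; i < sizeof inputs; i++) {
        struct lzw_table t;
        if (gif_lzw_init_table(inputs[i], &t))
            printf("width %3u: clear=%u end=%u first free=%u code_size=%u\n",
                   inputs[i], t.clear_code, t.end_code, t.next_code, t.code_size);
        else
            printf("width %3u: rejected before any shift\n", inputs[i]);
    }
    return 0;
}
```

The same initialiser without the range check, built with `-fsanitize=undefined` and handed a width byte such as 0x7f, is what produces a shift-exponent report with the shape of the Crash Type seen in this thread; with the check in place the hostile byte is refused before the shift is reached, and the 12-bit cap in `gif_lzw_add_code` keeps the later shifts on `code_size` bounded as well.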
Jan 11 2017

ClusterFuzz has detected this issue as fixed in range 442634:442702.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5254845900783616

Fuzzer: libfuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  InitTable
  gif_load_frame
  CCodec_GifModule::LoadFrame

Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=398351:399229
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=442634:442702

Minimized Testcase (0.04 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96XxRfJVAFKL25ax0gM2CQLY8Sb52B4yv_L74wg5x99tJes6yWuT6Mam4pVihLuOps5_NWDSeLhlDiqz2ob3P7GjAOwjsc8xabxliI6e2R-nr1r3MFS6RrI5awAXgY_IkOT19Pj1omFwNmMU9MJgoYHafsjHg?testcase_id=5254845900783616

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 11 2017

ClusterFuzz has detected this issue as fixed in range 442634:442702.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6130838983147520

Fuzzer: libfuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  InitTable
  gif_load_frame
  CCodec_GifModule::LoadFrame

Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400697:402043
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=442634:442702

Minimized Testcase (0.04 Kb): https://cluster-fuzz.appspot.com/download/AMIfv961wlOOPRkPFNQ4FilPTVYT-DAMJG5st8dJ90JwZ-hLEIm5Wrw_OfxakRu02XFzmZ5onXz5C2k62iFyZnJk48lku__WvmOZtylTF0BDob0b3WF09riyTV6JjuTiAqvsMib2NkopfPk2U54nCvSN2uYN0iO6yg?testcase_id=6130838983147520

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 11 2017

ClusterFuzz testcase 5254845900783616 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by mmoroz@chromium.org, Jun 16 2016

Components: Internals>Plugins>PDF