New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 633387 link

Starred by 2 users
Status: Fixed
Owner:
thestig@chromium.org
Closed: Aug 2016
Cc:
sleffler@chromium.org
mummare...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Sign in to add a comment

Direct-leak in TIFFReadDirEntryLong8Array

Project Member Reported by ClusterFuzz, Aug 1 2016

Comment 1 by mummare...@chromium.org, Aug 1 2016

Labels: M-54 Te-Logged
Owner: thestig@chromium.org
Status: Assigned (was: Untriaged)
From findit tool:

Author: thestig
Project: chromium-pdfium
Changelist: https://pdfium.googlesource.com/pdfium.git/+/fcf61b39ee597c73e80ba789833fb7fe49878422
Time: Thu Jun 09 18:29:35 2016 -0700
The CL last changed line 204 of file fx_codec_tiff.cpp, which is stack frame 5.

Author: thestig
Project: chromium-pdfium
Changelist: https://pdfium.googlesource.com/pdfium.git/+/fcf61b39ee597c73e80ba789833fb7fe49878422
Time: Thu Jun 09 18:29:35 2016 -0700
The CL last changed line 1279 of file fx_codec_progress.cpp, which is stack frame 7.

Comment 2 by thestig@chromium.org, Aug 1 2016

Components: Internals>Plugins>PDF

Comment 3 by thestig@chromium.org, Aug 2 2016

Cc: sleffler@chromium.org
+sleffler FYI

Comment 4 by thestig@chromium.org, Aug 2 2016

Status: Started (was: Assigned)
https://codereview.chromium.org/2204793002/
Project Member

Comment 5 by bugdroid1@chromium.org, Aug 2 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8b63f90bfb5c8cd1bc2a951e47ef65d6993e4e4f

commit 8b63f90bfb5c8cd1bc2a951e47ef65d6993e4e4f
Author: thestig <thestig@chromium.org>
Date: Tue Aug 02 04:09:00 2016

Roll PDFium 3e454bf..8f79700

https://pdfium.googlesource.com/pdfium.git/+log/3e454bf..8f79700

BUG= 62625 , 633387 , 632709 
TEST=bots
TBR=ochang@chromium.org

Review-Url: https://codereview.chromium.org/2202923002
Cr-Commit-Position: refs/heads/master@{#409134}

[modify] https://crrev.com/8b63f90bfb5c8cd1bc2a951e47ef65d6993e4e4f/DEPS

Comment 6 by thestig@chromium.org, Aug 2 2016

Status: Fixed (was: Started)
Project Member

Comment 7 by ClusterFuzz, Aug 3 2016 

ClusterFuzz has detected this issue as fixed in range 409082:409160.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5986255351578624

Fuzzer: pdf_codec_tiff_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address: 
Crash State:
  TIFFReadDirEntryLong8Array
  TIFFFetchStripThing
  TIFFReadDirectory
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=408892:408895
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=409082:409160

Minimized Testcase (0.40 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94MWGtg-asGvKwtIGIt6p8HGdFiLtJdO-xh-0hHpfGQOCb6SXZ7Qn4FPsQWxtxQXNKj0UNde0N4BHxRD4zPg0l-lggbl-BKTHswYhiYXCHZrsmcSjfnxFdyHFcPlv1DrV_6ZNFOUxOd-Sm1RqbDSywdk7X-Cw?testcase_id=5986255351578624

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 8 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment