Issue 643791 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Dec 2016
Cc:	attek...@gmail.com
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug-Security
Reproducible Security_Severity-Low Security_Impact-Stable Stability-Memory-MemorySanitizer allpublic Clusterfuzz

Use-of-uninitialized-value in search_visit_func

Project Member Reported by ClusterFuzz, Sep 2 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5965679046164480

Fuzzer: svg_xml_tokenfuzz
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  search_visit_func
  ftw_dir
  ftw_startup
  
Recommended Security Severity: Low

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_msan_chrome&range=350781:350971

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95ai19eyJ3csUgef8EbDOfmIu6uNrucUhsPl5zg1hKShfgOyGA_sGp2rx7_a3wlG7cx6a6McyA9uiUFU3tI65hItqA9wlzIdMLUnkDJMNZL-G7Ow5J5K-osRsIFHuYA7BZkkCI1mH9h6uP4oJ2mgV_qrBpyij5ZlT3wNvjokQwM5rvzz6w?testcase_id=5965679046164480


Additional requirements: Requires Gestures

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by vakh@chromium.org, Sep 2 2016

Cc: mbarbe...@chromium.org
Owner: infe...@chromium.org
Status: Assigned (was: Untriaged)

This doesn't seem like a product issue but a fuzzer issue since the call stack is all GTK related. Can you please take a look and triage appropriately? Thanks.

Comment 2 by aarya@google.com, Sep 3 2016

Cc: -mbarbe...@chromium.org
Owner: ----
Status: ExternalDependency (was: Assigned)

Lets keep this in external dependency since this is gtk issue.

Project Member

Comment 3 by sheriffbot@chromium.org, Sep 3 2016

Labels: Pri-2

Project Member

Comment 4 by ClusterFuzz, Dec 5 2016

Status: WontFix (was: ExternalDependency)

ClusterFuzz testcase is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 5 by dominickn@chromium.org, Dec 20 2016

Cc: attek...@gmail.com

 Issue 675187  has been merged into this issue.

Project Member

Comment 6 by sheriffbot@chromium.org, Mar 14 2017

Labels: -Restrict-View-SecurityTeam allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 643791 link

Issue metadata

Use-of-uninitialized-value in search_visit_func

Issue description

Comment 1 by vakh@chromium.org, Sep 2 2016

Comment 1 Deleted

Comment 2 by aarya@google.com, Sep 3 2016

Comment 2 Deleted

Comment 3 by sheriffbot@chromium.org, Sep 3 2016

Comment 3 Deleted

Comment 4 by ClusterFuzz, Dec 5 2016

Comment 4 Deleted

Comment 5 by dominickn@chromium.org, Dec 20 2016

Comment 5 Deleted

Comment 6 by sheriffbot@chromium.org, Mar 14 2017

Comment 6 Deleted

Sign in to add a comment