This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Heap-buffer-overflow, awesome!

Same root cause as another issue: parsing "sctp-port" in a non-data description.

ClusterFuzz has detected this issue as fixed in range 422769:422805.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6384286808932352

Fuzzer: libfuzzer_sdp_parser_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 4
Crash Address: 0x608000002818
Crash State:
  FindCodecById<cricket::VideoCodec>
  GetCodecWithPayloadType<cricket::VideoCodec>
  void webrtc::UpdateCodec<cricket::VideoContentDescription, cricket::VideoCodec>
  
Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=419157:419245
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=422769:422805

Minimized Testcase (2.18 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94JXbVIQRPr5TaQgG-0pnyGy2yXbLHmF2v-02_M7Z4ShvtX0DZ1lIb7zLV9nVgxywZNZvBOcgFc8mogYjPqLPbb4wiOEoWUck1YZxuB-1tH8-cJCetV1umEzg9NV0y9eUTKtDlk8BGgmnb2mLihfKlTCPGdHA?testcase_id=6384286808932352

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot