Use-of-uninitialized-value in TIFFCleanup
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5681903354249216
Fuzzer: libfuzzer_pdf_codec_tiff_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  TIFFCleanup
  TIFFClose
  CCodec_TiffModule::DestroyDecoder
Recommended Security Severity: Medium
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=423366:423427
Minimized Testcase (0.38 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97TkYxQ5St6_Xn53v6zGItk8c0_80-Vg-1lRwfrvR8M6GdfwZez0hl8WTai08VMTQQrbdN9gBnT_DmVZIwK192NWz_d2gN6aGMTWK_RhwWEo2TQ4kFpY0HD36W6na5C8GK9aiga1mrfLFUjkjRxQAkjymom1Q?testcase_id=5681903354249216

Issue filed automatically.
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
awhalley@, please take a look and assign to the appropriate dev. Thank you.
Nov 18 2016
Mind taking a look, dsinclair@?
Nov 21 2016
**** Bulk edit - please ignore if not applicable **** A friendly reminder that the M55 Stable launch is coming soon! Your bug is labelled as Stable ReleaseBlock, so please make sure to land the fix and get it merged into the release branch by November 25th, 5:00 PM PST at the latest in order to make it into the desktop Stable final build cut. Thank you!
Nov 21 2016
The tiff codec is part of XFA which is not enabled in any branch of Chrome.
Dec 16 2016
ClusterFuzz has detected this issue as fixed in range 438777:438804.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5681903354249216
Fuzzer: libfuzzer_pdf_codec_tiff_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  TIFFCleanup
  TIFFClose
  CCodec_TiffModule::DestroyDecoder
Recommended Security Severity: Medium
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=423366:423427
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=438777:438804
Minimized Testcase (0.38 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97TkYxQ5St6_Xn53v6zGItk8c0_80-Vg-1lRwfrvR8M6GdfwZez0hl8WTai08VMTQQrbdN9gBnT_DmVZIwK192NWz_d2gN6aGMTWK_RhwWEo2TQ4kFpY0HD36W6na5C8GK9aiga1mrfLFUjkjRxQAkjymom1Q?testcase_id=5681903354249216

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Dec 16 2016
ClusterFuzz testcase 5681903354249216 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Jan 2 2017
I see nothing that would have fixed this. Reopening so it doesn't get lost.
May 2 2017
Bulk-WontFixing these bugs. This was a bug on ClusterFuzz side, see bug 717534. We will start seeing new testcases auto-filed in a day or two. We can't leave these open as ClusterFuzz won't autoverify them after ClusterFuzz-Wrong label.
Aug 9 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Sep 18 2017
We have made a bunch of changes on ClusterFuzz side, so resetting ClusterFuzz-Wrong label.
Comment 1 by sheriffbot@chromium.org, Nov 18 2016