Integer-overflow in uprv_decNumberFromString_58
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5652488129871872
Fuzzer: libfuzzer_icu_number_format_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  uprv_decNumberFromString_58
  icu_58::DigitList::set
  icu_58::DecimalFormat::subparse
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=397764:398208
Minimized Testcase (10.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94qw1V-LClOTM1b9fuxzvmjvSful6GFLULDs4-aBo5rgeffEmjnb46BifLlLFuPG1Bl8OvjS0DiSAcXNaOPKIq3gP3LiL0RNd3V9gmcDZTEnT2FE6ynfK-ZxYAkFlWHopaMMFHyWfIbZB9TTTUxL3cwRnPwCg?testcase_id=5652488129871872

Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Nov 21 2016
Unable to find the possible suspect using Code Search. Assigning it to the concern owner from the ICU regressed range and suspecting the following: Suspected CL# https://chromium.googlesource.com/chromium/deps/icu/+/ffa4b6704cf5cc9fec9485731f24a05b2ba94bca @Mike Aizatsky -- Could you please look into the issue, and kindly re-assign if this is not related to your change. Thank you.

Nov 21 2016
I am the author of the fuzzer, i.e. a tool that uncovered a bug. I have nothing to do with the library code.

Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Dec 5 2016
@aizatsky -- Thank you for the update.

Feb 22 2017
Using Code Search for the file "decNumber.c", assigning to the concern owner. Suspecting Commit# https://chromium.googlesource.com/chromium/deps/icu.git/+/5feb9ad55c4d3609585820244d59a4462632540c @jshin -- Could you please look into the issue, and kindly re-assign if this is not related to your changes. Thank you.

Oct 24 2017
For more information, please see https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md. The link referenced in the description is no longer valid. (bulk edit)

Dec 20 2017
ClusterFuzz has detected this issue as fixed in range 525156:525174.

Detailed report: https://clusterfuzz.com/testcase?key=5652488129871872
Fuzzer: libFuzzer_icu_number_format_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  uprv_decNumberFromString_59
  icu_59::DigitList::set
  icu_59::DecimalFormat::subparse
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=397764:398208
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=525156:525174
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5652488129871872

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Dec 20 2017
ClusterFuzz testcase 5652488129871872 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Dec 23 2017