Issue metadata
Sign in to add a comment
|
Security: multiple crashes in upstream libtiff-4.0.7
Reported by
agostino...@gmail.com,
Dec 4 2016
|
||||||||||||||||||||||
Issue descriptionHello, I fuzzed the latest libtiff and I found multiple crashes. Only now I noticed that libtiff is used in pdfium, so here are the public bugs: ALREADY FIXED: http://bugzilla.maptools.org/show_bug.cgi?id=2594 http://bugzilla.maptools.org/show_bug.cgi?id=2596 http://bugzilla.maptools.org/show_bug.cgi?id=2597 http://bugzilla.maptools.org/show_bug.cgi?id=2598 http://bugzilla.maptools.org/show_bug.cgi?id=2599 http://bugzilla.maptools.org/show_bug.cgi?id=2504 http://bugzilla.maptools.org/show_bug.cgi?id=2505 http://bugzilla.maptools.org/show_bug.cgi?id=2507 http://bugzilla.maptools.org/show_bug.cgi?id=2508 http://bugzilla.maptools.org/show_bug.cgi?id=2510 http://bugzilla.maptools.org/show_bug.cgi?id=2511 http://bugzilla.maptools.org/show_bug.cgi?id=2519 http://bugzilla.maptools.org/show_bug.cgi?id=2520 http://bugzilla.maptools.org/show_bug.cgi?id=2521 UNDER REPRODUCTION FROM UPSTREAM: http://bugzilla.maptools.org/show_bug.cgi?id=2501 http://bugzilla.maptools.org/show_bug.cgi?id=2503 http://bugzilla.maptools.org/show_bug.cgi?id=2513 WAITING FROM A FEEDBACK BECAUSE THEY WERE FILED RECENTLY: http://bugzilla.maptools.org/show_bug.cgi?id=2623 http://bugzilla.maptools.org/show_bug.cgi?id=2624 http://bugzilla.maptools.org/show_bug.cgi?id=2625 I don't know if some codechanges apply to your version and I don't know if they are suitable for a reward, but in any case my focus is make chromium better. Thanks Agostino
,
May 18 2017
,
May 18 2017
Up until 2599, all of the bugs are fixed/not applicable. The others seem like a typo, did you mean 2604 instead of 2504 etc? Anyways, we currently have libtiff disabled and will probably have it disabled for a while. So I think having them fixed upstream and getting the fixes from upstream when we update our version (currently 4.0.7) is good enough. Thank you for your work in libtiff security!
,
Aug 25 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by och...@chromium.org
, Dec 5 2016Components: Internals>Plugins>PDF
Labels: Security_Impact-None
Owner: dsinclair@chromium.org
Status: Assigned (was: Unconfirmed)