Issue 677394 link

Starred by 1 user

Issue metadata

Status:	Verified
Owner:	----
Closed:	Jan 2017
Cc:	reed@google.com
Components:	Internals>Skia
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug
Reproducible Stability-Libfuzzer Clusterfuzz Stability-UndefinedBehaviorSanitizer M-57 ClusterFuzz-Verified Test-Predator-Wrong

Integer-overflow in walk_edges

Project Member Reported by ClusterFuzz, Dec 29 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4753361833558016

Fuzzer: libfuzzer_skia_path_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  walk_edges
  sk_fill_path
  SkScan::FillPath
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400437:400524

Minimized Testcase (0.25 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96t-R4hgsCZhWoMH5DFy_KO4fD7GoRSH5biN7aO3oB15x-rYoy3b03YU-gzyvT8HGKIMWqGKt08T8wPH4KTonEvu7YEW_V_GJdkpQ8hg4izWjUVZV9tPqEJlsf9tOD0vijdMKKwDEM32Kmpb5zInHGDXXgma692d41X4EucNPxjoW6h9_9OQG2sTsWiEVaQPfxthwsmWiE5MX21niWpwHJw8vT7JvtF4UmgQKTMBfIK3woXkmoTt5oIo8xZQFWJ01jNjp48_XU67RKb1BgK7DxDHdc5_8a27lDaBP8bhD00cg8WfipL9aIJiTvlToCh15Mv9raiTHTCs8t7bTw5ie0X-guVahRtn_PVLgwMF816v3aHKm4?testcase_id=4753361833558016

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Comment 1 by mummare...@chromium.org, Dec 29 2016

Cc: reed@google.com
Components: Internals>Skia
Labels: Test-Predator-Wrong M-57

Project Member

Comment 2 by ClusterFuzz, Jan 28 2017

ClusterFuzz has detected this issue as fixed in range 446702:446785.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4753361833558016

Fuzzer: libfuzzer_skia_path_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  walk_edges
  sk_fill_path
  SkScan::FillPath
  
Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400437:400524
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=446702:446785

Minimized Testcase (0.25 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96Ll490w86yajOU4MxpYPxaeAO9TJ3bZQStJioEYvUdyrT5mQSxab_S9FkROZ6FSYAFTp7r0-PQXKfcdpnEOrjhAi3sD7YkNrKJisiLLaWave0E7ECJRLMrJhRwjwlSSrDdK0PxnGmIMV_qALzIlIvPk2b-fS8ISuhb-1Epz0C9I_d_Nqi0J77otRVDKMRnjxLz8bQr5toK46vujKTj1mg8ms3LGwqWRKk7-VK2zK_KszuVSxUsnQpjMpxC588lU_ijDcVltAI3b9M5-thPA8NVgwEzU7ZZ_x06TsL9jTmvRAwR5IS6a8cIW4Dn0nkBZiW3Jtdti2bqeG5xLxyIeLO3iDe4BS4Qt8qhUvakexQA7Jw0uiU?testcase_id=4753361833558016

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Project Member

Comment 3 by ClusterFuzz, Jan 28 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Untriaged)

ClusterFuzz testcase 4753361833558016 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

►

Issue 677394 link

Issue metadata

Integer-overflow in walk_edges

Issue description

Comment 1 by mummare...@chromium.org, Dec 29 2016

Comment 1 Deleted

Comment 2 by ClusterFuzz, Jan 28 2017

Comment 2 Deleted

Comment 3 by ClusterFuzz, Jan 28 2017

Comment 3 Deleted

Sign in to add a comment