Issue metadata
Sign in to add a comment
|
Use-of-uninitialized-value in TIFFFetchNormalTag |
||||||||||||||||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=6398664298987520 Fuzzer: libfuzzer_pdf_codec_tiff_fuzzer Job Type: libfuzzer_chrome_msan Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: TIFFFetchNormalTag TIFFReadDirectory TIFFClientOpen Sanitizer: memory (MSAN) Recommended Security Severity: Medium Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=400803:400900 Minimized Testcase (0.38 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97JMAlz2KQWUO3kFe2Yt84ePBqtcoiOCJxBZSvT-SZEvuFqGq1yFi1hIDGE0OcsA-TKIyEODz-yfWkDUmZqGuMrw4_rZG0ycX1uOU-qnsbQhDTgH7Lc4a-mmXDW5Tt6y5sWbaB2-8KLNZ2rQafXZ8I5dtvtgQ?testcase_id=6398664298987520 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Jan 9 2017
,
Jan 9 2017
dsinclair: Possibly caused by https://pdfium.googlesource.com/pdfium.git/+/54d027dbbff8a0270531855082e4f61cb457c173
,
Jan 10 2017
Tiff parser is XFA only.
,
Jan 12 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f595ad7b407516b53f00b1766a469f59b32c9204 commit f595ad7b407516b53f00b1766a469f59b32c9204 Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org> Date: Thu Jan 12 01:19:27 2017 Roll src/third_party/pdfium/ 96f482c9c..d805eec52 (2 commits). https://pdfium.googlesource.com/pdfium.git/+log/96f482c9cd3c..d805eec52f6a $ git log 96f482c9c..d805eec52 --date=short --no-merges --format='%ad %ae %s' 2017-01-11 tsepez Use observed pointers in CPDFSDK_AnnotIterator. 2017-01-11 npm Make tiff_read return actual length read BUG= 679230 , 670928 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, see: http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls TBR=dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2625253002 Cr-Commit-Position: refs/heads/master@{#443105} [modify] https://crrev.com/f595ad7b407516b53f00b1766a469f59b32c9204/DEPS
,
Jan 12 2017
ClusterFuzz has detected this issue as fixed in range 443057:443122. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6398664298987520 Fuzzer: libfuzzer_pdf_codec_tiff_fuzzer Job Type: libfuzzer_chrome_msan Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: TIFFFetchNormalTag TIFFReadDirectory TIFFClientOpen Sanitizer: memory (MSAN) Recommended Security Severity: Medium Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=400803:400900 Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=443057:443122 Minimized Testcase (0.38 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97JMAlz2KQWUO3kFe2Yt84ePBqtcoiOCJxBZSvT-SZEvuFqGq1yFi1hIDGE0OcsA-TKIyEODz-yfWkDUmZqGuMrw4_rZG0ycX1uOU-qnsbQhDTgH7Lc4a-mmXDW5Tt6y5sWbaB2-8KLNZ2rQafXZ8I5dtvtgQ?testcase_id=6398664298987520 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jan 12 2017
ClusterFuzz testcase 6398664298987520 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Jan 12 2017
,
Apr 20 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by sheriffbot@chromium.org
, Jan 9 2017