Direct-leak in av_reallocp
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6383993391153152

Fuzzer: libfuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address:
Crash State:
  av_reallocp
  dyn_buf_write
  writeout

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=425682:425723

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv969DjCYuBH83vyR_MA4Tmi2ST3j1H_2w6bMH6XRIQIrK9Qt2Fj55EgvNgkcb4VXEQg7y163t1XGB2RLf5dHnEOAZBTx2taIp7Jj7vkQYqmAnfY-HqUi2jZf3ytHk6pQn7jhMblbUHKYH2XpZ-xFeOJ2seb_DDuNdVS-MJ5oY-cgWgkzI7Umk07FImnBc606E_w9nuQFYLc3kove3WD1-R4Sx8UbB1lN7uRh3muoWiauhYvyICUv0aHwXeUMc8zEvLRHqRWYWBtimWgPF61J2FZYOq_YbGvupCpw_WqAzV1-Rp39CWMIcHIbgXACSI6GeBDSzZ4cyocK8gHFmc5QwJUCL9dg3U1xXwzes7xVGpRmKWtSfZ1OnrHHXOwprodOomQtnfq67RrNn7-Jakb6tVcT0_RYiA?testcase_id=6383993391153152

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Feb 7 2017
Feb 7 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/a6a79bda55868f7faee0f183a45191d3251fb5f1

commit a6a79bda55868f7faee0f183a45191d3251fb5f1
Author: Fredrik Hubinette <hubbe@google.com>
Date: Tue Feb 07 20:30:51 2017

Fix minor ffmpeg memory leak in id3v2 parsing.

BUG= 689339

Change-Id: Id17b3458f469da72986e2f5090f25118be2c61d4
Reviewed-on: https://chromium-review.googlesource.com/439405
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>

[modify] https://crrev.com/a6a79bda55868f7faee0f183a45191d3251fb5f1/libavformat/id3v2.c
[modify] https://crrev.com/a6a79bda55868f7faee0f183a45191d3251fb5f1/chromium/patches/README
Feb 8 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b4dcc0a8ef699fa581b78b9a7912a23d45e5ac5b

commit b4dcc0a8ef699fa581b78b9a7912a23d45e5ac5b
Author: wolenetz <wolenetz@chromium.org>
Date: Wed Feb 08 00:57:52 2017

Roll src/third_party/ffmpeg/ 785631123..239c9f9e2 (2 commits).

https://chromium.googlesource.com/chromium/third_party/ffmpeg.git/+log/785631123a41..239c9f9e2754

$ git log 785631123..239c9f9e2 --date=short --no-merges --format='%ad %ae %s'
2017-02-07 wolenetz avcodec/flacdsp: Avoid undefined operations in non debug builds
2017-02-07 hubbe Fix minor ffmpeg memory leak in id3v2 parsing.

BUG=686513,640820, 689339
TBR=hubbe@chromium.org,dalecurtis@chromium.org

Review-Url: https://codereview.chromium.org/2684593004
Cr-Commit-Position: refs/heads/master@{#448826}

[modify] https://crrev.com/b4dcc0a8ef699fa581b78b9a7912a23d45e5ac5b/DEPS
Feb 8 2017
ClusterFuzz has detected this issue as fixed in range 448821:448867.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6383993391153152

Fuzzer: libfuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address:
Crash State:
  av_reallocp
  dyn_buf_write
  writeout

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=425682:425723
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=448821:448867

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv969DjCYuBH83vyR_MA4Tmi2ST3j1H_2w6bMH6XRIQIrK9Qt2Fj55EgvNgkcb4VXEQg7y163t1XGB2RLf5dHnEOAZBTx2taIp7Jj7vkQYqmAnfY-HqUi2jZf3ytHk6pQn7jhMblbUHKYH2XpZ-xFeOJ2seb_DDuNdVS-MJ5oY-cgWgkzI7Umk07FImnBc606E_w9nuQFYLc3kove3WD1-R4Sx8UbB1lN7uRh3muoWiauhYvyICUv0aHwXeUMc8zEvLRHqRWYWBtimWgPF61J2FZYOq_YbGvupCpw_WqAzV1-Rp39CWMIcHIbgXACSI6GeBDSzZ4cyocK8gHFmc5QwJUCL9dg3U1xXwzes7xVGpRmKWtSfZ1OnrHHXOwprodOomQtnfq67RrNn7-Jakb6tVcT0_RYiA?testcase_id=6383993391153152

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Feb 8 2017
ClusterFuzz testcase 6383993391153152 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Oct 23 2017
hubbe@, did you attempt to upstream this?
Oct 23 2017
Don't remember. (Which probably means no.)
Oct 24 2017
Can you go ahead and submit it upstream then? Upstreaming patches is each roller's responsibility.
Oct 24 2017
Oct 24 2017
Comment 1 by nyerramilli@chromium.org, Feb 7 2017
Labels: -Type-Bug Test-Predator-Wrong-CLs M-58 Type-Bug-Regression
Owner: dalecur...@chromium.org
Status: Assigned (was: Untriaged)