
Issue 714432

Issue metadata

Status: Fixed
Owner:
Closed: May 2017
Cc:
EstimatedDays: ----
NextAction: ----
OS: Windows, Chrome
Pri: 2
Type: Bug




Fix preg parser crash found in clusterfuzz

Project Member Reported by ljusten@chromium.org, Apr 23 2017

Issue description

Project Member

Comment 1 by bugdroid1@chromium.org, May 2 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ee7474ea14ebc2764e277fdf03557851c1976038

commit ee7474ea14ebc2764e277fdf03557851c1976038
Author: ljusten <ljusten@chromium.org>
Date: Tue May 02 17:51:03 2017

Fix fuzzer crash for preg_parser

Preg files with strings containing valid code points, but invalid
characters (e.g. 65535) triggered a DCHECK because base::UTF16ToUTF8
(called from DecodePRegStringValue) accepts invalid characters, but
base::IsStringUTF8 (DCHECK'ed in base::Value) does not. This CL
rejects these invalid strings before putting them into base::Values.
The crash was found in a libfuzzer test.

BUG= 714432 
TEST=Added and checked test case to verify fix.

Review-Url: https://codereview.chromium.org/2852393002
Cr-Commit-Position: refs/heads/master@{#468704}

[add] https://crrev.com/ee7474ea14ebc2764e277fdf03557851c1976038/chrome/test/data/policy/gpo/fuzzer_corpus/invalid_encoding.pol
[add] https://crrev.com/ee7474ea14ebc2764e277fdf03557851c1976038/chrome/test/data/policy/gpo/invalid_encoding/registry.pol
[rename] https://crrev.com/ee7474ea14ebc2764e277fdf03557851c1976038/chrome/test/data/policy/gpo/parser_test/registry.pol
[modify] https://crrev.com/ee7474ea14ebc2764e277fdf03557851c1976038/components/policy/core/common/preg_parser.cc
[modify] https://crrev.com/ee7474ea14ebc2764e277fdf03557851c1976038/components/policy/core/common/preg_parser_unittest.cc
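
The mismatch described in the commit message above (a value such as 65535 is a valid code point but not a valid character) can be reproduced outside Chromium. The following is an added, stand-alone example, not code from the Chromium tree or from the CL; the function and enum names are assumptions chosen for illustration, and it uses no `base::` APIs.

```cpp
// Added illustration; stand-alone, does not use Chromium's base:: library.
#include <cstddef>
#include <cstdint>
#include <string>

// Loose check: any Unicode scalar value (in range, not a surrogate).
bool IsValidCodePoint(uint32_t cp) {
  return cp < 0xD800 || (cp >= 0xE000 && cp <= 0x10FFFF);
}

// Strict check: additionally excludes the noncharacters U+FDD0..U+FDEF and
// the last two code points of every plane (e.g. U+FFFF = 65535).
bool IsValidCharacter(uint32_t cp) {
  return IsValidCodePoint(cp) && !(cp >= 0xFDD0 && cp <= 0xFDEF) &&
         (cp & 0xFFFE) != 0xFFFE;
}

enum class Utf16Check { kOk, kInvalidCodePoint, kNoncharacter };

// Walks UTF-16 code units, combines surrogate pairs, and reports the first
// problem. kNoncharacter is the case a loose converter lets through.
Utf16Check CheckUtf16(const std::u16string& s) {
  for (size_t i = 0; i < s.size(); ++i) {
    uint32_t cp = s[i];
    if (cp >= 0xD800 && cp <= 0xDBFF && i + 1 < s.size() &&
        s[i + 1] >= 0xDC00 && s[i + 1] <= 0xDFFF) {
      cp = 0x10000 + ((cp - 0xD800) << 10) + (s[i + 1] - 0xDC00);
      ++i;  // consumed the low surrogate as well
    }
    if (!IsValidCodePoint(cp)) return Utf16Check::kInvalidCodePoint;
    if (!IsValidCharacter(cp)) return Utf16Check::kNoncharacter;
  }
  return Utf16Check::kOk;
}

// A parser of untrusted input accepts a decoded string only when the strict
// check passes, so later consumers with strict assertions never see it.
bool AcceptDecodedString(const std::u16string& s) {
  return CheckUtf16(s) == Utf16Check::kOk;
}
```

Applying the strict check at the parser boundary turns the mismatch into a rejected input rather than an assertion failure deeper in the code.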
