New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 714951 link

Starred by 1 user
Status: Fixed
Owner:
sergeyu@chromium.org
Closed: Apr 2017
Cc:
honghaiz@chromium.org
sergeyu@chromium.org
pthatcher@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

Crash in content::P2PSocketHostUdp::SetOption

Project Member Reported by ClusterFuzz, Apr 25 2017 
Detailed report: https://clusterfuzz.com/testcase?key=6581930675142656

Fuzzer: phoglund_webrtc_peerconnection
Job Type: linux_ubsan_vptr_chrome
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x000000000000
Crash State:
  content::P2PSocketHostUdp::SetOption
  content::P2PSocketDispatcherHost::OnSetOption
  _ZN3IPC8MessageTI25P2PHostMsg_SetOption_MetaSt5tupleIJiN7content15P2PSocketOptio
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_chrome&range=466679:466715

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6581930675142656


Additional requirements: Requires HTTP

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by mummare...@chromium.org, Apr 25 2017

Cc: sergeyu@chromium.org pthatcher@chromium.org honghaiz@chromium.org
Components: Internals>Network
Labels: Test-Predator-Wrong M-58
Predator and regression range didn't given any suspected CL. could someone please take a look and help us to find correct owner?.
Thank you.

Comment 2 by sergeyu@chromium.org, Apr 25 2017

Owner: sergeyu@chromium.org
Status: Started (was: Untriaged)
This is a bug in P2PSocketHostUdp::SetOption() - it doesn't verify that the socked is still open. Should be a simple fix.

Comment 5 by sergeyu@chromium.org, Apr 26 2017

Status: Fixed (was: Started)

Sign in to add a comment