New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 715035 link

Starred by 1 user
Status: Fixed
Owner:
rharrison@chromium.org
Closed: Sep 2017
Cc:
msrchandra@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug

Blocking:
issue 62400



Sign in to add a comment

Out-of-memory in pdf_codec_gif_fuzzer

Project Member Reported by ClusterFuzz, Apr 25 2017 
Detailed report: https://clusterfuzz.com/testcase?key=6238338349793280

Fuzzer: libfuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address: 
Crash State:
  pdf_codec_gif_fuzzer
  
Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=453646:453684

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6238338349793280


Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Comment 1 by msrchandra@chromium.org, Apr 25 2017

Cc: msrchandra@chromium.org
Labels: M-60 Test-Predator-Wrong
Owner: dsinclair@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL did not provide any possible suspects.
Using Code Search for the file, "pdf_codec_gif_fuzzer" assigning to the related owner.

@dsinclair -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.

Comment 2 by dsinclair@chromium.org, Apr 25 2017

Blocking: 62400
Labels: -M-60
XFA issue.

Comment 3 by dsinclair@chromium.org, May 1 2017

Components: Internals>Plugins>PDF
Project Member

Comment 4 by ClusterFuzz, Jul 3 2017

Status: WontFix (was: Assigned)
ClusterFuzz testcase 6238338349793280 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 5 by dsinclair@chromium.org, Jul 4 2017

Labels: ClusterFuzz-Wrong
Status: Available (was: WontFix)
Not sure why this would be fixed, we should verify.

Comment 6 by infe...@chromium.org, Sep 18 2017

Labels: -ClusterFuzz-Wrong
We have made a bunch of changes on ClusterFuzz side, so resetting ClusterFuzz-Wrong label.

Comment 7 by dsinclair@chromium.org, Sep 19 2017

Owner: rharrison@chromium.org

Comment 8 by rharrison@chromium.org, Sep 22 2017

Status: Started (was: Available)

Comment 9 by rharrison@chromium.org, Sep 22 2017

Status: Fixed (was: Started)
Looked at this a bit this morning. No longer reproduces for me. We have fixed some bugs in teh GIF code path recently, specifically rejecting malformed GIFs.

The test case I don't think is actually a valid GIF looking at hex dump and the fact other image viewers fail to open it.

Sign in to add a comment