New issue
Advanced search Search tips

Issue 724829 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: May 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows
Pri: 1
Type: Bug-Security



Sign in to add a comment

<no crash state available>

Project Member Reported by ClusterFuzz, May 20 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5119652257857536

Fuzzer: inferno_js_fuzzer
Job Type: linux_ubsan_vptr_d8
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x7f67028f2010
Crash State:
  NULL
Sanitizer: undefined (UBSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_d8&range=468979:469016

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5119652257857536


Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Project Member

Comment 1 by sheriffbot@chromium.org, May 21 2017

Labels: M-59
Project Member

Comment 2 by sheriffbot@chromium.org, May 21 2017

Labels: Pri-1
Project Member

Comment 3 by ClusterFuzz, May 22 2017

Labels: OS-Android

Comment 4 by wfh@chromium.org, May 23 2017

Cc: haraken@chromium.org danno@chromium.org
this stack is hard to decode... seeing if I can get a better one
Project Member

Comment 5 by ClusterFuzz, May 23 2017

ClusterFuzz is analyzing your testcase. Developers can follow the progress at https://cluster-fuzz.appspot.com/testcase?key=4706677730574336

Comment 6 by wfh@chromium.org, May 23 2017

Components: Blink>JavaScript>WebAssembly
Owner: clemensh@chromium.org
Status: Assigned (was: Untriaged)
this looks wasmy as well...
Project Member

Comment 7 by ClusterFuzz, May 23 2017

Labels: OS-Windows
Project Member

Comment 8 by ClusterFuzz, May 23 2017

ClusterFuzz is analyzing your testcase. Developers can follow the progress at https://cluster-fuzz.appspot.com/testcase?key=4542637091848192
Project Member

Comment 9 by ClusterFuzz, May 23 2017

ClusterFuzz has detected this issue as fixed in range 473653:473706.

Detailed report: https://clusterfuzz.com/testcase?key=5119652257857536

Fuzzer: inferno_js_fuzzer
Job Type: linux_ubsan_vptr_d8
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x7f67028f2010
Crash State:
  NULL
Sanitizer: undefined (UBSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_d8&range=468979:469016
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_d8&range=473653:473706

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5119652257857536


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Status: Fixed (was: Assigned)
Fix was fixed by a5449b0fd65ab27f6ba6b5c95ba1328f24759230.
Project Member

Comment 11 by sheriffbot@chromium.org, May 23 2017

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify
Labels: -M-59 M-60
Labels: Release-0-M60
Project Member

Comment 14 by sheriffbot@chromium.org, Aug 29 2017

Labels: -Restrict-View-SecurityNotify allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment