New issue
Advanced search Search tips

Issue 725973 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 719633
Owner: ----
Closed: May 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: ----
Type: Bug-Security



Sign in to add a comment

Use-of-uninitialized-value in libnss3.so

Project Member Reported by ClusterFuzz, May 24 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5795705930383360

Fuzzer: libfuzzer_net_host_resolver_impl_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  libnss3.so
  NSS_InitReadWrite
  crypto::NSSInitSingleton::NSSInitSingleton
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=474161:474211

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5795705930383360


Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 

Comment 1 by mmenke@chromium.org, May 24 2017

Components: Internals>Network>Certificate

Comment 2 by eroman@chromium.org, May 24 2017

Mergedinto: 719633
Status: Duplicate (was: Untriaged)
I don't have access to bug to confirm callstack, but I expect this is a dupe of  issue 719633 .
Project Member

Comment 3 by ClusterFuzz, Jun 1 2017

ClusterFuzz has detected this issue as fixed in range 475922:475964.

Detailed report: https://clusterfuzz.com/testcase?key=5795705930383360

Fuzzer: libFuzzer_net_host_resolver_impl_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  libnss3.so
  NSS_InitReadWrite
  crypto::NSSInitSingleton::NSSInitSingleton
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=474161:474211
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=475922:475964

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5795705930383360


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Labels: -Restrict-View-SecurityTeam
Project Member

Comment 5 by sheriffbot@chromium.org, Aug 31 2017

Labels: allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment