Null-dereference READ in safe_browsing::dmg::ConvertBigEndian
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5397431595565056

Fuzzer: libFuzzer_safe_browsing_hfs_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  safe_browsing::dmg::ConvertBigEndian
  safe_browsing::dmg::ConvertBigEndian
  safe_browsing::dmg::HFSBTreeIterator::ReadCurrentLeaf

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=509376:509426

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5397431595565056

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Nov 14 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/2c1e2cdf14541bb871ffd78bdac35bc703fe70c5

commit 2c1e2cdf14541bb871ffd78bdac35bc703fe70c5
Author: Robert Sesek <rsesek@chromium.org>
Date: Tue Nov 14 19:23:49 2017

Fix null-deref under safe_browsing::dmg::ConvertBigEndian().

Bug: 784379
Change-Id: I32e8145ecefbf275ae04a7c9c07c117d517ce4a2
Reviewed-on: https://chromium-review.googlesource.com/768853
Reviewed-by: Jialiu Lin <jialiul@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#516383}

[modify] https://crrev.com/2c1e2cdf14541bb871ffd78bdac35bc703fe70c5/chrome/utility/safe_browsing/mac/hfs.cc
Nov 15 2017
ClusterFuzz has detected this issue as fixed in range 516325:516519.

Detailed report: https://clusterfuzz.com/testcase?key=5397431595565056

Fuzzer: libFuzzer_safe_browsing_hfs_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  safe_browsing::dmg::ConvertBigEndian
  safe_browsing::dmg::ConvertBigEndian
  safe_browsing::dmg::HFSBTreeIterator::ReadCurrentLeaf

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=509376:509426
Fixed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=516325:516519

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5397431595565056

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 15 2017
ClusterFuzz testcase 5397431595565056 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Nov 13 2017

Owner: rsesek@chromium.org
Status: Assigned (was: Untriaged)