CHECK failure: auth_data.size() >= kAaguidOffset + kAaguidSize in attestation_object.cc
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4927115892621312
Fuzzer: libFuzzer_ctap_response_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State:
  auth_data.size() >= kAaguidOffset + kAaguidSize in attestation_object.cc
  device::AttestationObject::EraseAttestationStatement
  device::AuthenticatorMakeCredentialResponse::EraseAttestationStatement
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=545274:545289
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4927115892621312

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Mar 24 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/c3c049270b3679aaeb61b7d6431f9ab5dd20ef84 (Consolidate {Register, Sign}Response data). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Mar 26 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/70d6dbf2aa97b1d97163a700a32bec9155984768

commit 70d6dbf2aa97b1d97163a700a32bec9155984768
Author: Jun Choi <hongjunchoi@chromium.org>
Date: Mon Mar 26 14:45:51 2018

Change none attestation statement DCHECK condition

For "FIDO-U2F" attestation statement format, attestation credential data within authenticator data is always present. However, for attestation data received from CTAP authenticators, this may not be the case as the WebAuthN spec defines attested credential data as optional. Change the DCHECK conditions for none attestation statement format to execute only when attested credential data is present.

Bug: 825455
Change-Id: Ie63f051846b67c9deaa1b6bb64de76efa49a7aa1
Reviewed-on: https://chromium-review.googlesource.com/979217
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Commit-Queue: Jun Choi <hongjunchoi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#545785}

[modify] https://crrev.com/70d6dbf2aa97b1d97163a700a32bec9155984768/device/fido/attestation_object.cc
[modify] https://crrev.com/70d6dbf2aa97b1d97163a700a32bec9155984768/device/fido/authenticator_data.h
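An added example, not Chromium's code, modelling the guard the commit above describes: a constructed routine that consults the AT flag in WebAuthn authenticator data before expecting the 16-byte AAGUID at offset 37, beside the unguarded size check of the kind the fuzzer tripped. Function names, the Result enum and the sample inputs are assumptions; the byte layout and the AT bit are as defined by the WebAuthn spec.

```cpp
// Added example (not Chromium's code). WebAuthn authenticator data is
// rpIdHash(32) | flags(1) | signCount(4) | [attested credential data]; the
// bracketed part begins with the 16-byte AAGUID and exists only if AT is set.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

constexpr size_t kFlagsOffset = 32;                    // right after rpIdHash
constexpr size_t kAaguidOffset = 32 + 1 + 4;           // after flags + signCount
constexpr size_t kAaguidSize = 16;
constexpr uint8_t kAttestedCredentialDataFlag = 0x40;  // AT bit

enum class Result { kOk, kTooShort, kNoAttestedCredentialData };

// Pre-fix shape, with the CHECK modelled as a return value: the size requirement
// hits every response, so one that simply carries no attested credential data trips it.
Result EraseAttestationStatementUnguarded(std::vector<uint8_t>& auth_data) {
  if (auth_data.size() < kAaguidOffset + kAaguidSize) return Result::kTooShort;
  std::fill_n(auth_data.begin() + kAaguidOffset, kAaguidSize, 0);
  return Result::kOk;
}

// Post-fix shape: consult the AT flag first. The AAGUID is expected (and
// zeroed for "none" attestation) only when attested credential data is
// present; a response with AT set but too few bytes is a parse error.
Result EraseAttestationStatementGuarded(std::vector<uint8_t>& auth_data) {
  if (auth_data.size() <= kFlagsOffset) return Result::kTooShort;
  if (!(auth_data[kFlagsOffset] & kAttestedCredentialDataFlag))
    return Result::kNoAttestedCredentialData;  // nothing to erase, not a bug
  if (auth_data.size() < kAaguidOffset + kAaguidSize) return Result::kTooShort;
  std::fill_n(auth_data.begin() + kAaguidOffset, kAaguidSize, 0);
  return Result::kOk;
}

// Constructed sample: 37 bytes with only UP (0x01) set, i.e. a CTAP
// response without attested credential data.
std::vector<uint8_t> MakeAuthDataWithoutCredential() {
  std::vector<uint8_t> auth_data(kAaguidOffset, 0);
  auth_data[kFlagsOffset] = 0x01;
  return auth_data;
}

// Constructed sample: UP|AT (0x41) followed by a non-zero 16-byte AAGUID.
std::vector<uint8_t> MakeAuthDataWithCredential() {
  std::vector<uint8_t> auth_data(kAaguidOffset + kAaguidSize, 0xAB);
  auth_data[kFlagsOffset] = 0x41;
  return auth_data;
}
```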
Mar 27 2018
Mar 27 2018
ClusterFuzz has detected this issue as fixed in range 545784:545796.

Detailed report: https://clusterfuzz.com/testcase?key=4927115892621312
Fuzzer: libFuzzer_ctap_response_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State:
  auth_data.size() >= kAaguidOffset + kAaguidSize in attestation_object.cc
  device::AttestationObject::EraseAttestationStatement
  device::AuthenticatorMakeCredentialResponse::EraseAttestationStatement
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=545274:545289
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=545784:545796
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4927115892621312

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Mar 27 2018
ClusterFuzz testcase 4927115892621312 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Mar 24 2018
Labels: Test-Predator-Auto-Components