Integer-overflow in ff_rfps_add_frame |
||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6525044667449344 Fuzzer: libFuzzer_audio_decoder_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Integer-overflow Crash Address: Crash State: ff_rfps_add_frame avformat_find_stream_info media::AudioFileReader::OpenDemuxer Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=546308:546319 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6525044667449344 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Apr 21 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/4b5068a99a84ff2edb34aa0549afc89aa751ccb4 (Add audio_decoder_fuzzer fuzz target.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Apr 23 2018
,
Apr 24 2018
,
Dec 1
ClusterFuzz testcase 6525044667449344 appears to be flaky, updating reproducibility label.
,
Dec 1
Please ignore the last comment about testcase being unreproducible. The testcase is still reproducible. This happened due to a code refactoring on ClusterFuzz side, and the underlying root cause is now fixed. Resetting the label back to Reproducible. Sorry about the inconvenience caused from these incorrect notifications.
,
Dec 1
Please ignore the last comment about testcase being unreproducible. The testcase is still reproducible. This happened due to a code refactoring on ClusterFuzz side, and the underlying root cause is now fixed. Resetting the label back to Reproducible. Sorry about the inconvenience caused from these incorrect notifications.
,
Dec 12
ClusterFuzz has detected this issue as fixed in range 615699:615711. Detailed report: https://clusterfuzz.com/testcase?key=6525044667449344 Fuzzer: libFuzzer_audio_decoder_fuzzer Fuzz target binary: audio_decoder_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Integer-overflow Crash Address: Crash State: ff_rfps_add_frame avformat_find_stream_info media::AudioFileReader::OpenDemuxer Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=546308:546319 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=615699:615711 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6525044667449344 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Dec 12
ClusterFuzz testcase 6525044667449344 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Dec 12
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by ClusterFuzz
, Apr 21 2018Labels: Test-Predator-Auto-Components