New issue
Advanced search Search tips

Issue 841502 link

Starred by 1 user
Status: WontFix
Owner:
thestig@chromium.org
Closed: May 2018
Cc:
thestig@google.com
xhw...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug-Security



Sign in to add a comment

Use-of-uninitialized-value in event_del

Project Member Reported by ClusterFuzz, May 9 2018 
Detailed report: https://clusterfuzz.com/testcase?key=6417694006706176

Fuzzer: libFuzzer_mediasource_MP4_AACLC_AVC_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  event_del
  base::MessagePumpLibevent::~MessagePumpLibevent
  base::MessagePumpLibevent::~MessagePumpLibevent
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6417694006706176

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days we've been seeing this crash frequently. If you are unable to reproduce this, please try a speculative fix based on the crash stacktrace in the report. The fix can be verified by looking at the crash statistics in the report, a day after the fix is deployed. We will auto-close the bug if the crash is not seen for 14 days.
Project Member

Comment 1 by ClusterFuzz, May 9 2018

Components: Internals>Core
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Project Member

Comment 2 by ClusterFuzz, May 9 2018

Cc: xhw...@chromium.org
Labels: ClusterFuzz-Auto-CC
Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Comment 3 by xhw...@chromium.org, May 10 2018

Cc: -xhw...@chromium.org
Owner: xhw...@chromium.org
Assign to myself so I can see the report.

Comment 4 by xhw...@chromium.org, May 10 2018

Cc: xhw...@chromium.org
Owner: thestig@chromium.org
It seems it's a libevent or MessagePumpLibevent related.

thestig: Do you know who's the best owner for this issue?
Project Member

Comment 5 by sheriffbot@chromium.org, May 10 2018

Labels: Pri-1
Project Member

Comment 6 by sheriffbot@chromium.org, May 10 2018

Status: Assigned (was: Untriaged)

Comment 7 by thestig@chromium.org, May 15 2018

Cc: thestig@google.com

Comment 8 by thestig@chromium.org, May 15 2018

Status: WontFix (was: Assigned)
It's marked Unreproducible and I can't reproduce it locally either.
Project Member

Comment 9 by sheriffbot@chromium.org, Aug 22

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment