Integer-overflow in av_add_stable |
||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6300751874490368 Fuzzer: libFuzzer_audio_decoder_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Integer-overflow Crash Address: Crash State: av_add_stable compute_pkt_fields parse_packet Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=546308:546319 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6300751874490368 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Jun 19 2018
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
,
Jun 19 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/4b5068a99a84ff2edb34aa0549afc89aa751ccb4 (Add audio_decoder_fuzzer fuzz target.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Jun 19 2018
,
Jun 20 2018
This doesn't look like a security problem, and can wait until I get back from vacation.
,
Jul 16
Patch submitted to ffmpeg: https://patchwork.ffmpeg.org/patch/9740/
,
Oct 17
Not a security issue, so lowering priority.
,
Oct 17
Assigning to current ffmpeg roller. My patch did not get accepted.
,
Dec 1
ClusterFuzz testcase 6300751874490368 appears to be flaky, updating reproducibility label.
,
Dec 1
ClusterFuzz testcase 6300751874490368 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Dec 3
Sorry for the confusion, ClusterFuzz had a tough weekend :)
,
Dec 12
ClusterFuzz has detected this issue as fixed in range 615699:615711. Detailed report: https://clusterfuzz.com/testcase?key=6300751874490368 Fuzzer: libFuzzer_audio_decoder_fuzzer Fuzz target binary: audio_decoder_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Integer-overflow Crash Address: Crash State: av_add_stable compute_pkt_fields parse_packet Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=546308:546319 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=615699:615711 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6300751874490368 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Dec 12
ClusterFuzz testcase 6300751874490368 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Dec 12
,
Dec 18
,
Jan 2
,
Jan 2
|
||||||||||||||
►
Sign in to add a comment |
||||||||||||||
Comment 1 by ClusterFuzz
, Jun 19 2018Labels: Test-Predator-Auto-Components