Issue 901273 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	chcunningham@chromium.org
Closed:	Dec 1
Cc:	liber...@chromium.org dalecur...@chromium.org wolenetz@chromium.org
Components:	Internals>Media>FFmpeg
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug
Stability-Libfuzzer Clusterfuzz Unreproducible Stability-UndefinedBehaviorSanitizer Test-Predator-Auto-Components Test-Predator-Auto-Owner ClusterFuzz-Auto-CC

Integer-overflow in mov_read_default

Project Member Reported by ClusterFuzz, Nov 2

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5608884797177856

Fuzzer: libFuzzer_audio_decoder_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  mov_read_default
  mov_switch_root
  mov_read_packet
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=546308:546319

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5608884797177856

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

Project Member

Comment 1 by ClusterFuzz, Nov 2

Components: Internals>Media>FFmpeg
Labels: Test-Predator-Auto-Components

Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Project Member

Comment 2 by ClusterFuzz, Nov 2

Cc: mmoroz@chromium.org
Labels: ClusterFuzz-Auto-CC

Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Project Member

Comment 3 by ClusterFuzz, Nov 2

Labels: Test-Predator-Auto-Owner
Owner: mmoroz@chromium.org
Status: Assigned (was: Untriaged)

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/4b5068a99a84ff2edb34aa0549afc89aa751ccb4 (Add audio_decoder_fuzzer fuzz target.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

Comment 4 by mmoroz@chromium.org, Nov 2

Cc: -mmoroz@chromium.org liber...@chromium.org dalecur...@chromium.org wolenetz@chromium.org
Owner: ----
Status: Available (was: Assigned)

Comment 5 by dalecur...@chromium.org, Nov 2

Owner: chcunningham@chromium.org
Status: Assigned (was: Available)

Project Member

Comment 6 by ClusterFuzz, Dec 1

Labels: -Reproducible Unreproducible

ClusterFuzz testcase 5608884797177856 appears to be flaky, updating reproducibility label.

Project Member

Comment 7 by ClusterFuzz, Dec 1

Status: WontFix (was: Assigned)

ClusterFuzz testcase 5608884797177856 is flaky and no longer crashes, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

►

Issue 901273 link

Issue metadata

Integer-overflow in mov_read_default

Issue description

Comment 1 by ClusterFuzz, Nov 2

Comment 1 Deleted

Comment 2 by ClusterFuzz, Nov 2

Comment 2 Deleted

Comment 3 by ClusterFuzz, Nov 2

Comment 3 Deleted

Comment 4 by mmoroz@chromium.org, Nov 2

Comment 4 Deleted

Comment 5 by dalecur...@chromium.org, Nov 2

Comment 5 Deleted

Comment 6 by ClusterFuzz, Dec 1

Comment 6 Deleted

Comment 7 by ClusterFuzz, Dec 1

Comment 7 Deleted

Sign in to add a comment