Issue 903665 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	chcunningham@chromium.org
Closed:	Dec 1
Cc:	liber...@chromium.org dalecur...@chromium.org wolenetz@chromium.org
Components:	Internals>Media>FFmpeg
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	3
Type:	Bug
Stability-Libfuzzer Clusterfuzz Unreproducible Stability-UndefinedBehaviorSanitizer Test-Predator-Auto-Components Test-Predator-Auto-Owner ClusterFuzz-Auto-CC

Integer-overflow in avformat_find_stream_info

Project Member Reported by ClusterFuzz, Nov 9

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5681438391009280

Fuzzer: libFuzzer_audio_decoder_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  avformat_find_stream_info
  media::AudioFileReader::OpenDemuxer
  media::AudioFileReader::Open
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=546308:546319

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5681438391009280

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

Project Member

Comment 1 by ClusterFuzz, Nov 9

Components: Internals>Media>FFmpeg
Labels: Test-Predator-Auto-Components

Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Project Member

Comment 2 by ClusterFuzz, Nov 9

Cc: mmoroz@chromium.org
Labels: ClusterFuzz-Auto-CC

Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Project Member

Comment 3 by ClusterFuzz, Nov 9

Labels: Test-Predator-Auto-Owner
Owner: mmoroz@chromium.org
Status: Assigned (was: Untriaged)

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/4b5068a99a84ff2edb34aa0549afc89aa751ccb4 (Add audio_decoder_fuzzer fuzz target.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

Comment 4 by mmoroz@chromium.org, Nov 9

Cc: -mmoroz@chromium.org liber...@chromium.org dalecur...@chromium.org wolenetz@chromium.org
Owner: ----
Status: Available (was: Assigned)

Comment 5 by dalecur...@chromium.org, Nov 13

Labels: -Pri-2 Pri-3
Owner: chcunningham@chromium.org
Status: Assigned (was: Available)

Project Member

Comment 6 by ClusterFuzz, Dec 1

Labels: -Reproducible Unreproducible

ClusterFuzz testcase 5681438391009280 appears to be flaky, updating reproducibility label.

Project Member

Comment 7 by ClusterFuzz, Dec 1

Status: WontFix (was: Assigned)

ClusterFuzz testcase 5681438391009280 is flaky and no longer crashes, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

►

Issue 903665 link

Issue metadata

Integer-overflow in avformat_find_stream_info

Issue description

Comment 1 by ClusterFuzz, Nov 9

Comment 1 Deleted

Comment 2 by ClusterFuzz, Nov 9

Comment 2 Deleted

Comment 3 by ClusterFuzz, Nov 9

Comment 3 Deleted

Comment 4 by mmoroz@chromium.org, Nov 9

Comment 4 Deleted

Comment 5 by dalecur...@chromium.org, Nov 13

Comment 5 Deleted

Comment 6 by ClusterFuzz, Dec 1

Comment 6 Deleted

Comment 7 by ClusterFuzz, Dec 1

Comment 7 Deleted

Sign in to add a comment