cups_ppdopen_fuzzer: Misaligned-address
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5276694510043136
Project: chromeos
Fuzzer: libFuzzer_cups_ppdopen_fuzzer
Fuzz target binary: cups_ppdopen_fuzzer
Job Type: libfuzzer_asan_chromeos
Platform Id: linux
Crash Type: Misaligned-address
Crash Address:
Crash State: NULL
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_asan_chromeos&range=3186655:3189552
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5276694510043136

Issue filed automatically.

See https://chromium.googlesource.com/chromiumos/docs/+/master/fuzzing.md#Reproducing-crashes-from-ClusterFuzz for instructions to reproduce this bug locally.
Jan 3
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/cups/+/b9c57dbb3e6a7f4a54233979c0f2e9532c614655

commit b9c57dbb3e6a7f4a54233979c0f2e9532c614655
Author: Piotr Pawliczek <pawliczek@google.com>
Date: Thu Jan 03 23:04:34 2019

cups: Correct problem with misaligned address of _cups_sp_item_t struct

Strings registered with functions declared in cups/string.h were sometimes converted in-place to _cups_sp_item_t structures. This caused a problem with misaligned addresses of temporary _cups_sp_item_t structures created this way. This patch introduces a couple of modifications to string.c; now all _cups_sp_item_t structures in use are created and filled in the proper way.

BUG=chromium:916203, chromium:916206, chromium:912219
TEST=Tested on nautilus with cros_fuzz

Change-Id: I17b6106a1794aaf0a5bd10f05f3c0dc17362b9de
Reviewed-on: https://chromium-review.googlesource.com/1390914
Commit-Ready: Piotr Pawliczek <pawliczek@chromium.org>
Tested-by: Piotr Pawliczek <pawliczek@chromium.org>
Reviewed-by: David Valleau <valleau@chromium.org>

[modify] https://crrev.com/b9c57dbb3e6a7f4a54233979c0f2e9532c614655/cups/string.c
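The bug class the commit message describes, as an added illustration rather than CUPS code: a string buffer reinterpreted in place as a struct inherits whatever address the string happened to have, while a freshly allocated struct is aligned by construction. The `sp_item_t` layout, the `sp_item_*` helper names and the sample string are assumptions standing in for the real `_cups_sp_item_t`, whose definition is not on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record standing in for _cups_sp_item_t (real layout not shown here). */
typedef struct {
    int  ref_count;   /* an int member requires 4-byte alignment on common ABIs */
    char str[1];      /* string bytes follow the header */
} sp_item_t;

/* Defender's check: may this address legally be dereferenced as sp_item_t? */
int sp_item_pointer_aligned(const void *p)
{
    return ((uintptr_t)p % _Alignof(sp_item_t)) == 0;
}

/* Pattern the commit removes: view an existing string buffer as the struct.
 * Alignment then depends entirely on where the caller's string lives. */
sp_item_t *sp_item_inplace(char *buf)
{
    return (sp_item_t *)buf;
}

/* Pattern the commit adopts: allocate a fresh struct and copy the string into it.
 * malloc returns memory aligned for any fundamental type, so the int member is safe. */
sp_item_t *sp_item_create(const char *s)
{
    size_t len = strlen(s);
    sp_item_t *item = malloc(offsetof(sp_item_t, str) + len + 1);
    if (!item) return NULL;
    item->ref_count = 1;
    memcpy(item->str, s, len + 1);
    return item;
}

/* Returns 1 when the in-place view of an odd-offset string is misaligned
 * (the view is never dereferenced here; a sanitizer would flag that access). */
int inplace_misaligned_demo(void)
{
    static _Alignas(sp_item_t) char pool[32] = "x*PPD-Adobe: 4.3";  /* constructed */
    sp_item_t *view = sp_item_inplace(pool + 1);   /* string starts at an odd address */
    return !sp_item_pointer_aligned(view);
}

/* Returns 1 when the fixed path yields an aligned, correctly filled item. */
int create_aligned_demo(void)
{
    sp_item_t *item = sp_item_create("*PPD-Adobe: 4.3");   /* constructed input */
    int ok = item && sp_item_pointer_aligned(item) && item->ref_count == 1
             && strcmp(item->str, "*PPD-Adobe: 4.3") == 0;
    free(item);
    return ok;
}
```

Building with -fsanitize=undefined (which includes the alignment check) turns a dereference of the in-place view into the same Misaligned-address report ClusterFuzz produced, which is the cheapest way to catch regressions of this pattern in a fuzz job.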
Jan 4
ClusterFuzz has detected this issue as fixed in range 3308066:3308594.

Detailed report: https://clusterfuzz.com/testcase?key=5276694510043136
Project: chromeos
Fuzzer: libFuzzer_cups_ppdopen_fuzzer
Fuzz target binary: cups_ppdopen_fuzzer
Job Type: libfuzzer_asan_chromeos
Platform Id: linux
Crash Type: Misaligned-address
Crash Address:
Crash State: NULL
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_asan_chromeos&range=3186655:3189552
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_asan_chromeos&range=3308066:3308594
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5276694510043136

See https://chromium.googlesource.com/chromiumos/docs/+/master/fuzzing.md#Reproducing-crashes-from-ClusterFuzz for instructions to reproduce this bug locally.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 4
ClusterFuzz testcase 5276694510043136 is verified as fixed, so closing issue as verified. If this is incorrect, please add the ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Dec 18
Labels: ClusterFuzz-Auto-CC