
Issue 917783


Issue metadata

Status: Assigned
Owner:
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug


Integer-overflow in FX_RECT::Width

Project Member Reported by ClusterFuzz, Dec 25

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5162342622691328

Fuzzer: attekett_surku_fuzzer
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  FX_RECT::Width
  CPDF_RenderStatus::ProcessType3Text
  CPDF_RenderStatus::ProcessObjectNoClip
  
Sanitizer: undefined (UBSAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5162342622691328

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.
 
Cc: pnangunoori@chromium.org
Labels: M-72 Test-Predator-Wrong
Owner: thestig@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL could not provide any possible suspects.
Using code search for the file “cpdf_renderstatus.cpp”, assigning to the owner concerned from git blame.
Suspected commit:
https://pdfium.googlesource.com/pdfium.git/+/b20364c990152495dc259a4a8fc36cdd7dbd7ca4

@thestig -- Could you please look into this issue, kindly reassign if it has nothing to do with your changes.
Thank you.
