Status: Verified
Owner: ----
Closed: Feb 2017
Type: Bug-Security
icu: Heap-buffer-overflow in utf8TextAccess
Project Member Reported by monor...@clusterfuzz-external.iam.gserviceaccount.com, Jan 21 2017
Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4645398303997952

Project: icu
Fuzzer: libFuzzer_icu_ucasemap_fuzzer
Fuzz target binary: ucasemap_fuzzer
Job Type: libfuzzer_asan_icu
Platform Id: linux

Crash Type: Heap-buffer-overflow WRITE 1
Crash Address: 0x6150000004e0
Crash State:
  utf8TextAccess
  utext_access
  utext_moveIndex32_59
  
Sanitizer: address (ASAN)

Recommended Security Severity: High

Minimized Testcase (0.90 Kb): https://clusterfuzz-external.appspot.com/download/AMIfv95wsLqmb7MNOkMr5p3F4hJNtlxCtH815Xt7UQHr919SPbCydDBgzDz4dZiW1LACLYni-A8JvCzVK12UpTy8AyIIxtdH5Uy1ZA1xP-QkNfPS5wyyGpbV6FpCFXzTNmFljQWCickXSjtyIoQ-LDPgEIyLrBS0JcR_jWgE52Y6AhaYfY3Wf-X4FEwKpXLotWp-mPc0mLAITpcaoEHMXxLwti0vXyr2YicgFI30cgAPD7Rv6q7rXpQds5hQw_Do9e3cBO1sJ-LfA1PFWEKFDmTEC2O1svKmU6WMZZUj1UqvJwwO8Am7cYQLQC3obseQCoLYQTe2y_lLlcPnSq3EVNcmE-uPxa6VUbjlqiz-tJ7M_5f14ZQUUWbh7_ZnE9fxvpcqa50cMZHs?testcase_id=4645398303997952

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
Project Member Comment 1 by kcc@google.com, Jan 21 2017
Cc: mscherer@google.com aheninger@google.com roubert@google.com
Labels: Reported-2017-01-20
Cc: icu-team@google.com
ClusterFuzz has detected this issue as fixed in range 201702132129:201702140127.

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4645398303997952

Project: icu
Fuzzer: libFuzzer_icu_ucasemap_fuzzer
Fuzz target binary: ucasemap_fuzzer
Job Type: libfuzzer_asan_icu
Platform Id: linux

Crash Type: Heap-buffer-overflow WRITE 1
Crash Address: 0x6150000004e0
Crash State:
  utf8TextAccess
  utext_moveIndex32_59
  icu_59::ThaiBreakEngine::divideUpDictionaryRange
  
Sanitizer: address (ASAN)

Recommended Security Severity: High

Fixed: https://clusterfuzz-external.appspot.com/revisions?job=libfuzzer_asan_icu&range=201702132129:201702140127

Reproducer Testcase: https://clusterfuzz-external.appspot.com/download/AMIfv94KEAgjhFGo2AuVpsKvGjjRPUDqG57-5279AdQTnpSRWnUV-pYfkPiZKYUmj1M0CHlcRJXpAt-feW1QS_JiIWzXY5O-GT818WipNkJNAJ4PONoJCdUPYPH_p1YCIA5VQNvBqOyiyQnPLrOnQzggLmoqEmBvLzczvXrcijYq1trlUxsKgMY2661SMoI0Xd1aV8LQLeD_NPx7iBEX6CLtj1Lvxteh8p1VWRZIAiem1z7N67Sl3JTnxvlNw2fXBV_oGhLrTjDJyjI4qjCstMxgginuC2yZG95vHMC_hwdpVrruKAXuUg-ERgqbJeuAnlwnoyGQ4M_qvYOGqj9LgTbhPqP73x7w-5C-p_GcSCU2ctz2FTA8dx1lpz1Y-8bd4uFNjWIEsFFh?testcase_id=4645398303997952


See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Labels: ClusterFuzz-Verified
Status: Verified
ClusterFuzz testcase 4645398303997952 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Project Member Comment 6 by kcc@google.com, Feb 14 2017
Cc: benl@google.com
Project Member Comment 7 by sheriffbot@chromium.org, Feb 21 2017
Labels: -restrict-view-commit
This bug has been fixed for 7 days. It has been opened to the public.

- Your friendly Sheriffbot
Project Member Comment 8 by ochang@google.com, Feb 24 2017
Labels: Engine-libfuzzer