forked from n132/ARVO-Meta
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path10126.json
132 lines (132 loc) · 7.35 KB
/
10126.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
{
"fix": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/8c9daf790abfc06e8ca3a44652542c577bb67d49",
"verify": "0",
"localId": 10126,
"project": "libxml2",
"fuzzer": "libfuzzer",
"sanitizer": "msan",
"crash_type": "Use-of-uninitialized-value",
"severity": "Medium",
"report": {
"comments": [
{
"projectName": "oss-fuzz",
"localId": 10126,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1535692602,
"content": "Detailed report: https://oss-fuzz.com/testcase?key=5101274207354880\n\nProject: libxml2\nFuzzer: libFuzzer_libxml2_xml_read_memory_fuzzer\nFuzz target binary: libxml2_xml_read_memory_fuzzer\nJob Type: libfuzzer_msan_libxml2\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n xmlParseCharEncoding\n xmlFindCharEncodingHandler\n xmlGetCharEncodingHandler\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201808300305:201808310245\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5101274207354880\n\nIssue filed automatically.\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nThis bug is subject to a 90 day disclosure deadline. If 90 days elapse\nwithout an upstream patch, then the bug report will automatically\nbecome visible to the public.\n\nWhen you fix this bug, please\n * mention the fix revision(s).\n * state whether the bug was a short-lived regression or an old bug in any stable releases.\n * add any other useful information.\nThis information can help downstream consumers.\n\nIf you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues.",
"descriptionNum": 1
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 1,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1535693048,
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "OS-Linux"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 2,
"commenter": {
"userId": "543268000",
"displayName": "[email protected]"
},
"timestamp": 1535706427,
"content": "Looks like a false positive."
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 3,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1536747811,
"content": "This crash occurs very frequently on linux platform and is likely preventing the fuzzer libxml2_xml_read_memory_fuzzer from making much progress. Fixing this will allow more bugs to be found.\n\nIf this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new",
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "Fuzz-Blocker"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 4,
"commenter": {
"userId": "543268000",
"displayName": "[email protected]"
},
"timestamp": 1536752982,
"content": "This seems to be caused by:\r\n\r\nhttps://github.com/google/sanitizers/issues/993\r\nhttps://github.com/google/oss-fuzz/issues/1801\r\nhttps://github.com/google/oss-fuzz/issues/1802\r\n"
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 5,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1537404173,
"content": "ClusterFuzz has detected this issue as fixed in range 201809190258:201809192224.\n\nDetailed report: https://oss-fuzz.com/testcase?key=5101274207354880\n\nProject: libxml2\nFuzzer: libFuzzer_libxml2_xml_read_memory_fuzzer\nFuzz target binary: libxml2_xml_read_memory_fuzzer\nJob Type: libfuzzer_msan_libxml2\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n xmlParseCharEncoding\n xmlFindCharEncodingHandler\n xmlGetCharEncodingHandler\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201808300305:201808310245\nFixed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201809190258:201809192224\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5101274207354880\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nIf you suspect that the result above is incorrect, try re-doing that job on the test case report page."
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 6,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1537404630,
"content": "ClusterFuzz testcase 5101274207354880 is verified as fixed, so closing issue as verified.\n\nIf this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new",
"amendments": [
{
"fieldName": "Status",
"newOrDeltaValue": "Verified",
"oldValue": "New"
},
{
"fieldName": "Labels",
"newOrDeltaValue": "ClusterFuzz-Verified"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 10126,
"sequenceNum": 7,
"commenter": {
"userId": "4164592774",
"displayName": "[email protected]"
},
"timestamp": 1540049048,
"content": "This bug has been fixed for 30 days. It has been opened to the public.\n\n- Your friendly Sheriffbot",
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "-restrict-view-commit"
}
]
}
]
},
"fix_commit": "8c9daf790abfc06e8ca3a44652542c577bb67d49",
"repo_addr": "https://gitlab.gnome.org/GNOME/libxml2.git"
}