forked from n132/ARVO-Meta
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path1066.json
115 lines (115 loc) · 7.03 KB
/
1066.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
{
"fix": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/074180119fc90d5fd04ef9e8a5ee1910d6f9ad8e",
"verify": "2",
"localId": 1066,
"project": "libxml2",
"fuzzer": "libfuzzer",
"sanitizer": "msan",
"crash_type": "Use-of-uninitialized-value",
"severity": "Medium",
"report": {
"comments": [
{
"projectName": "oss-fuzz",
"localId": 1066,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1491645060,
"content": "Detailed report: https://oss-fuzz.com/testcase?key=6685532522283008\n\nProject: libxml2\nFuzzer: libFuzzer_libxml2_xml_read_memory_fuzzer\nFuzz target binary: libxml2_xml_read_memory_fuzzer\nJob Type: libfuzzer_msan_libxml2\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n xmlCurrentChar\n xmlParseAttValueComplex\n xmlParseAttValueInternal\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201608301640:201704050427\n\nReproducer Testcase: https://oss-fuzz.com/download/AMIfv94iyK_fH_851kUn3RyBESeNcNltIR78AYtClsi8R5Qq97Iz4jvVfBga_nAbggpJLMWuUawp0MV4Yww7PEoNeNTCmoXNRWX0N1adK1puNdvdOUmXHm7BTpOutNDTjaxW67WAxTbcb3dE2DlwoqoITU65obX1IeMniVBr9n9NTvRKRfabBjnfazUn8LN4YuFrvCI-Q4YlrRqsgD4yZReJgZ9kO1Oio4OETGrGyJX7pQU2K-ASQfQ6pMAqHe_ftlC4L7xnfztNRsqapl0jJwxlNIDKsDtgTUDnqkf9gI7ygglBVu1jlQTw7_axcQAwiOc3SPEkWxD9fA6Ozb0Mb0iBzI-tmiPvN1wU8QlxrVZmJPim623JAcy8zHOBCtF6Ucqk00fQuQ2r?testcase_id=6685532522283008\n\n\nIssue filed automatically.\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nThis bug is subject to a 90 day disclosure deadline. If 90 days elapse\nwithout an upstream patch, then the bug report will automatically\nbecome visible to the public.",
"descriptionNum": 1
},
{
"projectName": "oss-fuzz",
"localId": 1066,
"sequenceNum": 1,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1491648354,
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "OS-Linux"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 1066,
"sequenceNum": 2,
"commenter": {
"userId": "1966858889",
"displayName": "[email protected]"
},
"timestamp": 1491787744,
"content": "I could not reproduce this with Chromium's libxml2_xml_read_memory_fuzzer at r463162 although I'm not really satisfied as to why."
},
{
"projectName": "oss-fuzz",
"localId": 1066,
"sequenceNum": 3,
"commenter": {
"userId": "71439148",
"displayName": "[email protected]"
},
"timestamp": 1491956805,
"content": "Issues 1010, 1011, 1014, 1017, 1026, 1049, 1066, 1074, 1076\r\nseem to be caused by a bug in msan interceptor for iconv(). \r\nFixed in http://llvm.org/viewvc/llvm-project?rev=300010&view=rev, \r\nlet's see if ClusterFuzz agrees. \r\n\r\nSorry for the noise. "
},
{
"projectName": "oss-fuzz",
"localId": 1066,
"sequenceNum": 4,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1492067312,
"content": "ClusterFuzz has detected this issue as fixed in range 201704101614:201704130557.\n\nDetailed report: https://oss-fuzz.com/testcase?key=6685532522283008\n\nProject: libxml2\nFuzzer: libFuzzer_libxml2_xml_read_memory_fuzzer\nFuzz target binary: libxml2_xml_read_memory_fuzzer\nJob Type: libfuzzer_msan_libxml2\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n xmlCurrentChar\n xmlParseAttValueComplex\n xmlParseAttValueInternal\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201608301640:201704050427\nFixed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201704101614:201704130557\n\nReproducer Testcase: https://oss-fuzz.com/download/AMIfv94iyK_fH_851kUn3RyBESeNcNltIR78AYtClsi8R5Qq97Iz4jvVfBga_nAbggpJLMWuUawp0MV4Yww7PEoNeNTCmoXNRWX0N1adK1puNdvdOUmXHm7BTpOutNDTjaxW67WAxTbcb3dE2DlwoqoITU65obX1IeMniVBr9n9NTvRKRfabBjnfazUn8LN4YuFrvCI-Q4YlrRqsgD4yZReJgZ9kO1Oio4OETGrGyJX7pQU2K-ASQfQ6pMAqHe_ftlC4L7xnfztNRsqapl0jJwxlNIDKsDtgTUDnqkf9gI7ygglBVu1jlQTw7_axcQAwiOc3SPEkWxD9fA6Ozb0Mb0iBzI-tmiPvN1wU8QlxrVZmJPim623JAcy8zHOBCtF6Ucqk00fQuQ2r?testcase_id=6685532522283008\n\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nIf you suspect that the result above is incorrect, try re-doing that job on the test case report page."
},
{
"projectName": "oss-fuzz",
"localId": 1066,
"sequenceNum": 5,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1492073279,
"content": "ClusterFuzz testcase 6685532522283008 is verified as fixed, so closing issue.\n\nIf this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.",
"amendments": [
{
"fieldName": "Status",
"newOrDeltaValue": "Verified",
"oldValue": "New"
},
{
"fieldName": "Labels",
"newOrDeltaValue": "ClusterFuzz-Verified"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 1066,
"sequenceNum": 6,
"commenter": {
"userId": "4164592774",
"displayName": "[email protected]"
},
"timestamp": 1494680628,
"content": "This bug has been fixed for 30 days. It has been opened to the public.\n\n- Your friendly Sheriffbot",
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "-restrict-view-commit"
}
]
}
]
},
"fix_commit": "074180119fc90d5fd04ef9e8a5ee1910d6f9ad8e",
"repo_addr": "https://gitlab.gnome.org/GNOME/libxml2.git"
}