View Issue Details

ID: 0000551
Project: file
Category: general
View Status: public
Last Update: 2016-06-01 22:25
Reporter: F. Alonso
Assigned To: Christos Zoulas
Priority: normal
Severity: crash
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: x86_64
OS: linux
OS Version: Fedora
Product Version:
Target Version:
Fixed in Version: 5.28
Summary: 0000551: file 5.27 cdf_unpack_catalog cdf.c:1077

Description:
==26509==ERROR: AddressSanitizer: negative-size-param: (size=-528)
    #0 0x7f99de6fc099 in __asan_memset (/lib64/libasan.so.2+0x8d099)
    #1 0x7f99de44e798 in cdf_unpack_catalog /home/revskills/libFuzzer/file-5.27/src/cdf.c:1077
    #2 0x7f99de45012c in cdf_file_catalog /home/revskills/libFuzzer/file-5.27/src/readcdf.c:274
    #3 0x7f99de45012c in cdf_file_catalog_info /home/revskills/libFuzzer/file-5.27/src/readcdf.c:378
    #4 0x7f99de45012c in file_trycdf /home/revskills/libFuzzer/file-5.27/src/readcdf.c:544
    #5 0x7f99de446086 in file_buffer /home/revskills/libFuzzer/file-5.27/src/funcs.c:243
    #6 0x7f99de4261fa in file_or_fd /home/revskills/libFuzzer/file-5.27/src/magic.c:521
    #7 0x7f99de426807 in magic_file /home/revskills/libFuzzer/file-5.27/src/magic.c:399
    #8 0x401f8c in process /home/revskills/libFuzzer/file-5.27/src/file.c:513
    #9 0x40338a in main /home/revskills/libFuzzer/file-5.27/src/file.c:383
    #10 0x7f99dde5e57f in __libc_start_main (/lib64/libc.so.6+0x2057f)
    #11 0x401618 in _start (/usr/local/bin/file+0x401618)

0x60200000ef98 is located 8 bytes inside of 8-byte region [0x60200000ef90,0x60200000ef98)
allocated by thread T0 here:
    #0 0x7f99de70797a in malloc (/lib64/libasan.so.2+0x9897a)
    #1 0x7f99de44e750 in cdf_unpack_catalog /home/revskills/libFuzzer/file-5.27/src/cdf.c:1072
Steps To Reproduce: file 8ff3743e51e838d104b6e9fc211865b2
Tags: No tags attached.

Activities

F. Alonso

2016-05-28 16:51

reporter  

F. Alonso

2016-05-28 19:57

reporter   ~0001320

ok it seems dupe 0000539, please confirm

CVS Commit

2016-06-01 22:25

developer   ~0001329


Module Name: file
Committed By: christos
Date: Wed Jun 1 22:25:25 UTC 2016

Modified Files:
    file/src: cdf.c

Log Message:
PR/551: If we found no sections, return.


Christos Zoulas

2016-06-01 22:25

manager   ~0001330

Thanks!

Issue History

Date Modified | Username | Field | Change
2016-05-28 16:51 | F. Alonso | New Issue |
2016-05-28 16:51 | F. Alonso | File Added: 8ff3743e51e838d104b6e9fc211865b2 |
2016-05-28 19:57 | F. Alonso | Note Added: 0001320 |
2016-06-01 22:25 | CVS Commit | |
2016-06-01 22:25 | CVS Commit | Note Added: 0001329 |
2016-06-01 22:25 | CVS Commit | Status | new => confirmed
2016-06-01 22:25 | CVS Commit | Resolution | open => fixed
2016-06-01 22:25 | Christos Zoulas | Assigned To | => Christos Zoulas
2016-06-01 22:25 | Christos Zoulas | Status | confirmed => assigned
2016-06-01 22:25 | Christos Zoulas | Note Added: 0001330 |
2016-06-01 22:25 | Christos Zoulas | Status | assigned => resolved
2016-06-01 22:25 | Christos Zoulas | Fixed in Version | => 5.28