Comment #2 on issue 62071 by evv...@gmail.com: elfutils:fuzz-libdwfl: Null-dereference READ in chunk_compare
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62071#c2
For some reason the testcase isn't public. I'll report it to OSS-Fuzz.
I uploaded the test case to GitHub so now it should
Comment #1 on issue 62071 by evv...@gmail.com: elfutils:fuzz-libdwfl: Null-dereference READ in chunk_compare
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62071#c1
```
SCARINESS: 10 (null-deref)
#0 0x82d35d1 in chunk_compare /src/elfutils/libelf/elf_getdata_rawchunk.c:49:25
#1
```
Comment #1 on issue 60887 by evv...@gmail.com: elfutils:fuzz-libelf: Direct-leak in __libelf_decompress_zlib
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60887#c1
The full backtrace is
```
==178009==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 1 byte(s) in 1 object(s) all
```
Comment #1 on issue 56179 by evv...@gmail.com: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56179#c1
It's a duplicate of https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
as far as I can tell. I'm not sure wh
Comment #1 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c1
Below is the full backtrace
```
==2272==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5fb3c7 in check_
```
Comment #2 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c2
It can be confirmed with Valgrind:
```
wget -O OSS-FUZZ-56134 'https://oss-fuzz.com/download?testcase_id=672405714514
```
Comment #1 on issue 46095 by evv...@gmail.com: elfutils:fuzz-libelf: Use-of-uninitialized-value in elf_compress_gnu
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46095#c1
It was reported in https://sourceware.org/bugzilla/show_bug.cgi?id=29000 as
well. To avoid duplicates like this the
Comment #1 on issue 46094 by evv...@gmail.com: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in elf_compress_gnu
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46094#c1
It was reported in https://sourceware.org/bugzilla/show_bug.cgi?id=29000
--
You received this message because:
Comment #1 on issue 45706 by evv...@gmail.com: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in process_file
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45706#c1
It's a false positive. https://github.com/google/oss-fuzz/pull/7422 should fix
it.
Comment #5 on issue 45705 by evv...@gmail.com: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45705#c5
> I did this because I asked in an internal email with Mark if it would be
> appreciated (the answer was yet).
Sorr
Comment #3 on issue 45705 by evv...@gmail.com: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45705#c3
Reproducer testcases are publicly available and can be downloaded using links
in bug reports. Since every comment is
Comment #4 on issue 45630 by evv...@gmail.com: elfutils:fuzz-libelf: Use-of-uninitialized-value in validate_str
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45630#c4
Issues like that are bogus and https://github.com/google/oss-fuzz/pull/7401
should fix them. Since it's a "security" is
Comment #3 on issue 45636 by evv...@gmail.com: elfutils:fuzz-libdwfl: Crash in read_long_names
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45636#c3
It seems to be a duplicate of
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45628. Any idea why
OSS-Fuzz keeps reporting it?
I
Comment #4 on issue 45628 by evv...@gmail.com: elfutils:fuzz-libdwfl: Heap-buffer-overflow in strtol
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45628#c4
> Hopefully I'll fix the documentation once I've gotten round to it.
I opened https://github.com/google/oss-fuzz/pull/7403 where I
Comment #3 on issue 45628 by evv...@gmail.com: elfutils:fuzz-libdwfl: Heap-buffer-overflow in strtol
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45628#c3
> See https://google.github.io/oss-fuzz/advanced-topics/reproducing for
> instructions to reproduce this bug locally.
FWIW this b
Comment #3 on issue 43505 by evv...@gmail.com: elfutils:fuzz-dwfl-core: Use-of-uninitialized-value in handle_file_note
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43505#c3
Looking at another issue that hasn't been reported by OSS-Fuzz yet:
```
Running:
/mnt/scratch0/clusterfu
```
Comment #2 on issue 43505 by evv...@gmail.com: elfutils:fuzz-dwfl-core: Use-of-uninitialized-value in handle_file_note
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43505#c2
I haven't figured out how to reproduce it without clang and MSan yet but here's
the backtrace just in case
```
R
```
Comment #1 on issue 43449 by evv...@gmail.com: elfutils:fuzz-dwfl-core: Timeout in fuzz-dwfl-core
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43449#c1
As far as I can see it takes the fuzzer about 15 seconds to process this file
without ASan so it doesn't seem to be an elfutils issue
Comment #2 on issue 43307 by evv...@gmail.com: elfutils:fuzz-dwfl-core: Crash in read_addrs
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43307#c2
It can be reproduced by downloading the reproducer testcase and passing it to
eu-stack:
```
autoreconf -i -f
./configure --enable-maintaine
```
Comment #1 on issue 43356 by evv...@gmail.com: elfutils:fuzz-dwfl-core: Misaligned-address in Elf32_cvt_Dyn
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43356#c1
It can be reproduced by downloading the reproducer testcase and passing it to
eu-stack:
```
autoreconf -i -f
./configure --
```