Re: Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet

gpsd-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet

From:	Gary E. Miller
Subject:	Re: Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse
Date:	Sat, 1 Oct 2022 14:41:23 -0700

Yo ClusterFuzz-External!

Another "crash" in an "integer overflow" while computing a checksum.

It is not a "crash", and the "overflow" is part of the algorithm.

INVALID.

On Sat, 01 Oct 2022 08:55:57 -0700
ClusterFuzz-External via monorail <monorail+v2.382749006@chromium.org>
wrote:

> Status: New
> Owner: ----
> CC: gpsd-...@nongnu.org, ajsin...@gmail.com, g...@rellim.com 
> Labels: Restrict-View-Commit ClusterFuzz Reproducible
> Stability-UndefinedBehaviorSanitizer Engine-libfuzzer OS-Linux
> Reported-2022-10-01 Proj-gpsd Type: Bug
> 
> New issue 52040 by ClusterFuzz-External: gpsd:FuzzPacket:
> Integer-overflow in packet_parse
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52040
> 
> Detailed Report: https://oss-fuzz.com/testcase?key=5379656203501568
> 
> Project: gpsd
> Fuzzing Engine: libFuzzer
> Fuzz Target: FuzzPacket
> Job Type: libfuzzer_ubsan_gpsd
> Platform Id: linux
> 
> Crash Type: Integer-overflow
> Crash Address: 
> Crash State:
>   packet_parse
>   FuzzPacket.c
>   
> Sanitizer: undefined (UBSAN)
> 
> Crash Revision:
> https://oss-fuzz.com/revisions?job=libfuzzer_ubsan_gpsd&revision=202210010601
> 
> Reproducer Testcase:
> https://oss-fuzz.com/download?testcase_id=5379656203501568
> 
> Issue filed automatically.
> 
> See https://google.github.io/oss-fuzz/advanced-topics/reproducing for
> instructions to reproduce this bug locally. When you fix this bug,
> please
>   * mention the fix revision(s).
>   * state whether the bug was a short-lived regression or an old bug
> in any stable releases.
>   * add any other useful information.
> This information can help downstream consumers.
> 
> If you need to contact the OSS-Fuzz team with a question, concern, or
> any other feedback, please file an issue at
> https://github.com/google/oss-fuzz/issues. Comments on individual
> Monorail issues are not monitored.
> 
> This bug is subject to a 90 day disclosure deadline. If 90 days elapse
> without an upstream patch, then the bug report will automatically
> become visible to the public.
> 




RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
        gem@rellim.com  Tel:+1 541 382 8588

            Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin

pgpdR47CndxiI.pgp
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse, ClusterFuzz-External via monorail, 2022/10/01
- Re: Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse, Gary E. Miller <=
- Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse, ClusterFuzz-External via monorail, 2022/10/18
- Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse, sheriffbot via monorail, 2022/10/18
- Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse, garye… via monorail, 2022/10/18

Prev by Date: Re: Issue 52042 in oss-fuzz: gpsd:FuzzLibgps: Timeout in FuzzLibgps
Next by Date: Re: Issue 52037 in oss-fuzz: gpsd:FuzzJson: Use-after-poison in json_internal_read_object
Previous by thread: Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse
Next by thread: Issue 52040 in oss-fuzz: gpsd:FuzzPacket: Integer-overflow in packet_parse
Index(es):
- Date
- Thread