ASan: heap-buffer-overflow in sec_asn1d_parse_more_identifier()

RESOLVED INVALID

Status

NSS
Libraries
--
critical
RESOLVED INVALID
3 years ago
3 years ago

People

(Reporter: tsmith, Unassigned)

Tracking

(Blocks: 1 bug, 4 keywords)

trunk
x86_64
Linux
crash, csectype-bounds, sec-high, testcase

Firefox Tracking Flags

(firefox43 affected)

Details

Attachments

(2 attachments)

(Reporter)

Description

3 years ago
Created attachment 8658466 [details]
call_stack.txt

I created a fuzzing harness by modifying the test attached to bug 1202868 to read from a file.
(Reporter)

Comment 1

3 years ago
Created attachment 8658467 [details]
test_case
Keywords: sec-high

Comment 2

3 years ago
Unable to reproduce this once the harness fix from https://bugzilla.mozilla.org/show_bug.cgi?id=1202868#c8 is applied.
Flags: needinfo?(twsmith)
(Reporter)

Comment 3

3 years ago
Thanks for catching that Ryan. The harness has been updated and I no longer see this failure.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Flags: needinfo?(twsmith)
Resolution: --- → INVALID
Group: crypto-core-security
You need to log in before you can comment on or make changes to this bug.