Bug 1465440 (Closed): Disable CRC checks in FlacDemuxer for FUZZING
Opened 7 years ago, closed 6 years ago
Categories: Core :: Audio/Video: Playback, enhancement, P3
Status: RESOLVED FIXED, target milestone mozilla70
People: Reporter: decoder, Assigned: decoder
Keywords: sec-other, sec-want; Whiteboard: [post-critsmash-triage][adv-main70-]
Attachments: 1 file
The FlacDemuxer has some CRC8/CRC16 header checks that we should probably disable in FUZZING builds.
Comment 1•7 years ago
Can't the fuzzer simply set the CRC value?
It's not that much required. Especially if you know the existing CRC and are only changing a byte at a time, the new CRC can be easily calculated from there.
Comment 2 (Assignee)•7 years ago
No, the fuzzer cannot do that. In order to do so, the fuzzer (in this case libfuzzer) would have to know the file structure and it doesn't know that.
Comment 3•7 years ago
let's fix libfuzzer then :D
Comment 4 (Assignee)•7 years ago
(In reply to Jean-Yves Avenard [:jya] from comment #3)
> let's fix libfuzzer then :D
It is the whole point of libFuzzer not being required to know the target file format structure. There is nothing to fix here on the fuzzer side, it is common practice to fix this in the target code.
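An added illustration of the point made in comment 4, written for this page rather than taken from Gecko's FlacDemuxer or from the landed patch: the parser, not the fuzzer, is where the checksum is switched off. The header layout, the function names and the byte-flipping mutator below are hypothetical; the only parts taken from outside the thread are the FLAC frame-header CRC-8 parameters (polynomial 0x07, initial value 0) and the FUZZING macro name the bug title already uses.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// FLAC frame-header CRC-8: polynomial x^8 + x^2 + x + 1 (0x07), init 0,
// no bit reflection, no final XOR.
uint8_t flacCrc8(const uint8_t* data, size_t len) {
  uint8_t crc = 0;
  for (size_t i = 0; i < len; ++i) {
    crc ^= data[i];
    for (int bit = 0; bit < 8; ++bit) {
      crc = (crc & 0x80) ? static_cast<uint8_t>((crc << 1) ^ 0x07)
                         : static_cast<uint8_t>(crc << 1);
    }
  }
  return crc;
}

// Build-time switch in the spirit of the bug: a FUZZING build compiles the
// checksum comparison out so that mutated inputs reach the parsing code
// behind it instead of being rejected at the header.
#ifdef FUZZING
constexpr bool kEnforceCrc = false;
#else
constexpr bool kEnforceCrc = true;
#endif

// Hypothetical header check (not Gecko's FlacDemuxer): the last byte of the
// header is the CRC-8 of everything before it. `enforceCrc` defaults to the
// build-time setting but can be passed explicitly so both modes are testable
// from one binary.
bool headerCrcOk(const uint8_t* header, size_t len, bool enforceCrc = kEnforceCrc) {
  if (len < 2) return false;
  if (!enforceCrc) return true;  // FUZZING build: accept the header as given
  return flacCrc8(header, len - 1) == header[len - 1];
}

// Constructed sample header: FLAC sync code 0xFFF8 followed by a few
// arbitrary bytes, with a correct CRC-8 appended.
std::vector<uint8_t> makeSampleHeader() {
  std::vector<uint8_t> h = {0xFF, 0xF8, 0x69, 0x08, 0x00};
  h.push_back(flacCrc8(h.data(), h.size()));
  return h;
}

// Simulates a format-unaware mutator such as libFuzzer's byte flips: every
// single-byte mutation of the header is offered to the check and the number
// of accepted variants is returned. A CRC-8 detects every burst error of up
// to 8 bits, so with the check enforced no single-byte mutation passes; with
// it disabled, every variant reaches the code behind the check.
size_t countAcceptedSingleByteMutations(const std::vector<uint8_t>& header,
                                        bool enforceCrc) {
  size_t accepted = 0;
  for (size_t pos = 0; pos < header.size(); ++pos) {
    std::vector<uint8_t> mutated = header;
    mutated[pos] ^= 0xA5;  // arbitrary nonzero delta
    if (headerCrcOk(mutated.data(), mutated.size(), enforceCrc)) ++accepted;
  }
  return accepted;
}

int main() {
  std::vector<uint8_t> header = makeSampleHeader();
  std::printf("valid header accepted: %d\n",
              headerCrcOk(header.data(), header.size()) ? 1 : 0);
  std::printf("mutations accepted with CRC enforced: %zu of %zu\n",
              countAcceptedSingleByteMutations(header, true), header.size());
  std::printf("mutations accepted with CRC disabled: %zu of %zu\n",
              countAcceptedSingleByteMutations(header, false), header.size());
  return 0;
}
```

Compiled normally, the enforced check rejects all six single-byte variants of the constructed header, which is exactly why coverage-guided fuzzing stalls at the checksum; compiled with `-DFUZZING`, the default flips to accepting them all, and the fuzzer can spend its mutations on the parsing logic that follows.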
Updated•6 years ago
Priority: -- → P3
Updated•6 years ago
Component: Audio/Video → Audio/Video: Playback
Comment 5 (Assignee)•6 years ago
Comment 6•6 years ago
There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:decoder, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(choller)
Comment 7•6 years ago
https://hg.mozilla.org/integration/autoland/rev/eb06624e60a07a85ad1981db4b93aae6c2d6d0d3
https://hg.mozilla.org/mozilla-central/rev/eb06624e60a0
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox70:
--- → fixed
Flags: needinfo?(choller)
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
Updated•6 years ago
status-firefox68:
--- → wontfix
status-firefox69:
--- → wontfix
status-firefox-esr60:
--- → wontfix
status-firefox-esr68:
--- → wontfix
Updated•6 years ago
Flags: qe-verify+
Whiteboard: [post-critsmash-triage]
Updated•5 years ago
Flags: qe-verify+ → qe-verify-
Updated•5 years ago
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main70-]
Updated•4 years ago
Group: core-security-release