Closed
Bug 1806104
Opened 2 years ago
Closed 2 years ago
Hit MOZ_CRASH(Unused) at netwerk/base/FuzzySecurityInfo.cpp:22
Categories
(Core :: Networking: HTTP, defect)
Tracking
()
RESOLVED
FIXED
110 Branch
Version | Tracking | Status |
---|---|---|
firefox-esr102 | --- | unaffected |
firefox108 | --- | unaffected |
firefox109 | --- | unaffected |
firefox110 | --- | fixed |
People
(Reporter: decoder, Assigned: decoder)
References
(Regression)
Details
(4 keywords, Whiteboard: [post-critsmash-triage][adv-main110-])
Attachments
(3 files)
The attached testcase crashes on mozilla-central revision 20221216-ef0d179e0aeb (fuzzing build).
For detailed crash information, see attachment.
To reproduce the issue, perform the following steps:
1. Download the attached testcase, save as "test.bin".
2a. Build with `--enable-fuzzing` (requires Clang and ASan, also build gtests using `./mach gtest dontruntests`).
2b. Alternatively you can download builds from TC using `python -mfuzzfetch -a --fuzzing --target firefox gtest` (see https://github.com/MozillaSecurity/fuzzfetch).
3. Run `FUZZER=NetworkHttp2 objdir/dist/bin/firefox test.bin`
I'm marking this s-s not because this is a sec bug per se but because it blocks us from resuming the HTTP2 fuzzing that was down for a month. We can unhide this once the fuzzing is back up.
I also have a simple patch for this, coming up.
Updated•2 years ago
Assignee: nobody → choller
Status: NEW → ASSIGNED
Comment 4•2 years ago
Add missing security state for HTTP/2 fuzzing. r=necko-reviewers,valentin
https://hg.mozilla.org/integration/autoland/rev/e7ef485d4085db4c8ee3ce3bed8a7ed3e873a73c
https://hg.mozilla.org/mozilla-central/rev/e7ef485d4085
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 110 Branch
Updated•2 years ago
status-firefox108: --- → unaffected
status-firefox109: --- → unaffected
status-firefox-esr102: --- → unaffected
Regressed by: 1805234
Updated•2 years ago
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Updated•2 years ago
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main110-]
Updated•1 year ago
Group: core-security-release
Keywords: regression