-
Notifications
You must be signed in to change notification settings - Fork 8
/
10125.json
127 lines (127 loc) · 7.19 KB
/
10125.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
{
"fix": "https://gitlab.com/gnutls/gnutls/-/commit/d165c2a37f7d072cc88db88ec97f057a9ac6e4aa",
"verify": "0",
"localId": 10125,
"project": "gnutls",
"fuzzer": "libfuzzer",
"sanitizer": "msan",
"crash_type": "Use-of-uninitialized-value",
"severity": "Medium",
"report": {
"comments": [
{
"projectName": "oss-fuzz",
"localId": 10125,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1535688079,
"content": "Detailed report: https://oss-fuzz.com/testcase?key=5657484820217856\n\nProject: gnutls\nFuzzer: libFuzzer_gnutls_srp_server_fuzzer\nFuzz target binary: gnutls_srp_server_fuzzer\nJob Type: libfuzzer_msan_gnutls\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n _gnutls_x509_get_time\n gnutls_x509_crt_get_expiration_time\n _gnutls_check_cert_sanity\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_gnutls&range=201808300152:201808310152\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5657484820217856\n\nIssue filed automatically.\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nThis bug is subject to a 90 day disclosure deadline. If 90 days elapse\nwithout an upstream patch, then the bug report will automatically\nbecome visible to the public.\n\nWhen you fix this bug, please\n * mention the fix revision(s).\n * state whether the bug was a short-lived regression or an old bug in any stable releases.\n * add any other useful information.\nThis information can help downstream consumers.\n\nIf you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues.",
"descriptionNum": 1
},
{
"projectName": "oss-fuzz",
"localId": 10125,
"sequenceNum": 1,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1535688605,
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "OS-Linux"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 10125,
"sequenceNum": 2,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1535768290,
"content": "This crash occurs very frequently on linux platform and is likely preventing the fuzzer gnutls_srp_server_fuzzer from making much progress. Fixing this will allow more bugs to be found.\n\nIf this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new",
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "Fuzz-Blocker"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 10125,
"sequenceNum": 3,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1537403841,
"content": "ClusterFuzz has detected this issue as fixed in range 201809190156:201809192118.\n\nDetailed report: https://oss-fuzz.com/testcase?key=5657484820217856\n\nProject: gnutls\nFuzzer: libFuzzer_gnutls_srp_server_fuzzer\nFuzz target binary: gnutls_srp_server_fuzzer\nJob Type: libfuzzer_msan_gnutls\nPlatform Id: linux\n\nCrash Type: Use-of-uninitialized-value\nCrash Address: \nCrash State:\n _gnutls_x509_get_time\n gnutls_x509_crt_get_expiration_time\n _gnutls_check_cert_sanity\n \nSanitizer: memory (MSAN)\n\nRecommended Security Severity: Medium\n\nRegressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_gnutls&range=201808300152:201808310152\nFixed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_gnutls&range=201809190156:201809192118\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5657484820217856\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nIf you suspect that the result above is incorrect, try re-doing that job on the test case report page."
},
{
"projectName": "oss-fuzz",
"localId": 10125,
"sequenceNum": 4,
"commenter": {
"userId": "382749006",
"displayName": "ClusterFuzz-External"
},
"timestamp": 1537404854,
"content": "ClusterFuzz testcase 5657484820217856 is verified as fixed, so closing issue as verified.\n\nIf this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new",
"amendments": [
{
"fieldName": "Status",
"newOrDeltaValue": "Verified",
"oldValue": "New"
},
{
"fieldName": "Labels",
"newOrDeltaValue": "ClusterFuzz-Verified"
}
]
},
{
"projectName": "oss-fuzz",
"localId": 10125,
"sequenceNum": 5,
"commenter": {
"userId": "4164592774",
"displayName": "[email protected]"
},
"timestamp": 1540049047,
"content": "This bug has been fixed for 30 days. It has been opened to the public.\n\n- Your friendly Sheriffbot",
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "-restrict-view-commit"
}
]
}
]
},
"fix_commit": [
"470a4e82449bb3920adb554151cf763722ff472e",
"9a3bce5c298895ec8d39e6c59522b2651588db55",
"41e436db729e8001b5d47bbdc52a816822dddbc6",
"ee1a44378f4b6439eeeb40c600ce4a27c11928fd",
"14a1e6cba4d9ff997307e1d1b4c46f13c8970855",
"74856e90221864b718db3f480c2eb2dbb26dffc7",
"634c05829e0e2663d506a75c259bc13e6530246f",
"a7623bc56970ea26ef9b65750272ba9a38b364f2",
"091539245b1a3cc010f2c2cb9ffe9c664cb2f44c",
"55479c057e8224e065979bfb2beedc84f6fad701",
"ed3b6d9ac9e526541c1acfee5f5825c92e34e80a",
"7ce7b28dbdfbcc798b682d0f26e6d9ef59277a37",
"df8465c7df41f42e0271a19229be08c2b12828da",
"c7cbef52c27217c3bd529ddef26152fb11093a12",
"d62b7454c57cb3d9e8687af34e9364e306639d0b",
"d165c2a37f7d072cc88db88ec97f057a9ac6e4aa"
],
"repo_addr": "https://gitlab.com/gnutls/gnutls.git"
}