-
Notifications
You must be signed in to change notification settings - Fork 8
/
10252.json
186 lines (186 loc) · 20.5 KB
/
10252.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
{
"fix": "https://aomedia.googlesource.com/aom/+/32017745b0b4cb6d69ced6250dd67d9faf6282f8%5E%21/",
"verify": "0",
"localId": 10252,
"project": "aom",
"fuzzer": "afl",
"sanitizer": "asan",
"crash_type": "Heap-buffer-overflow WRITE 4",
"severity": "High",
"report": {
"comments": [
{
"localId": 10252,
"descriptionNum": 1,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "ClusterFuzz-External",
"userId": "382749006"
},
"content": "Detailed report: https://oss-fuzz.com/testcase?key=5681902774648832\n\nProject: libaom\nFuzzer: afl_libaom_av1_dec_fuzzer_threaded\nFuzz target binary: av1_dec_fuzzer_threaded\nJob Type: afl_asan_libaom\nPlatform Id: linux\n\nCrash Type: Heap-buffer-overflow WRITE 4\nCrash Address: 0x60b00000041c\nCrash State:\n av1_loop_restoration_filter_frame_mt\n av1_decode_tg_tiles_and_wrapup\n aom_decode_frame_from_obus\n \nSanitizer: address (ASAN)\n\nRecommended Security Severity: High\n\nRegressed: https://oss-fuzz.com/revisions?job=afl_asan_libaom&range=201809060125:201809070125\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5681902774648832\n\nIssue filed automatically.\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nThis bug is subject to a 90 day disclosure deadline. If 90 days elapse\nwithout an upstream patch, then the bug report will automatically\nbecome visible to the public.\n\nWhen you fix this bug, please\n * mention the fix revision(s).\n * state whether the bug was a short-lived regression or an old bug in any stable releases.\n * add any other useful information.\nThis information can help downstream consumers.\n\nIf you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues.",
"timestamp": 1536319325
},
{
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "OS-Linux"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "ClusterFuzz-External",
"userId": "382749006"
},
"sequenceNum": 1,
"timestamp": 1536319945
},
{
"amendments": [
{
"fieldName": "Status",
"oldValue": "New",
"newOrDeltaValue": "Accepted"
},
{
"fieldName": "Owner",
"newOrDeltaValue": "[email protected]"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "3387381486"
},
"sequenceNum": 2,
"timestamp": 1536790516
},
{
"amendments": [
{
"fieldName": "Cc",
"newOrDeltaValue": "[email protected]"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "3423437891"
},
"content": "Possibly the same as b/114647746. I had a primary fix for it:\r\nhttps://aomedia-review.googlesource.com/c/aom/+/70761",
"sequenceNum": 3,
"timestamp": 1536791156
},
{
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "3275348242"
},
"content": "The following revision refers to this bug:\n https://aomedia.googlesource.com/aom/+/32017745b0b4cb6d69ced6250dd67d9faf6282f8\n\ncommit 32017745b0b4cb6d69ced6250dd67d9faf6282f8\nAuthor: Ravi Chaudhary <[email protected]>\nDate: Fri Sep 14 15:48:43 2018\n\nFix initialization in loop restoration mt\n\nWhen luma loop restoration is disabled, the initialization of\ncur_sb_col in lr_sync was not happening correctly.\n\nBUG=b/114647746\nBUG=oss-fuzz:10252\n\nChange-Id: I842a4a142680fdc78265c2f037b8bb1641f5e5d3\n\n[modify] https://crrev.com/32017745b0b4cb6d69ced6250dd67d9faf6282f8/av1/common/thread_common.c\n",
"sequenceNum": 4,
"timestamp": 1536946260
},
{
"amendments": [
{
"fieldName": "Cc",
"newOrDeltaValue": "[email protected]"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "2446019828"
},
"sequenceNum": 5,
"timestamp": 1536950676
},
{
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "ClusterFuzz-External",
"userId": "382749006"
},
"content": "ClusterFuzz has detected this issue as fixed in range 201809140126:201809150126.\n\nDetailed report: https://oss-fuzz.com/testcase?key=5681902774648832\n\nProject: libaom\nFuzzer: afl_libaom_av1_dec_fuzzer_threaded\nFuzz target binary: av1_dec_fuzzer_threaded\nJob Type: afl_asan_libaom\nPlatform Id: linux\n\nCrash Type: Heap-buffer-overflow WRITE 4\nCrash Address: 0x60b00000041c\nCrash State:\n av1_loop_restoration_filter_frame_mt\n av1_decode_tg_tiles_and_wrapup\n aom_decode_frame_from_obus\n \nSanitizer: address (ASAN)\n\nRecommended Security Severity: High\n\nRegressed: https://oss-fuzz.com/revisions?job=afl_asan_libaom&range=201809060125:201809070125\nFixed: https://oss-fuzz.com/revisions?job=afl_asan_libaom&range=201809140126:201809150126\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=5681902774648832\n\nSee https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.\n\nIf you suspect that the result above is incorrect, try re-doing that job on the test case report page.",
"sequenceNum": 6,
"timestamp": 1536995084
},
{
"amendments": [
{
"fieldName": "Status",
"oldValue": "Accepted",
"newOrDeltaValue": "Verified"
},
{
"fieldName": "Labels",
"newOrDeltaValue": "ClusterFuzz-Verified"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "ClusterFuzz-External",
"userId": "382749006"
},
"content": "ClusterFuzz testcase 5681902774648832 is verified as fixed, so closing issue as verified.\n\nIf this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new",
"sequenceNum": 7,
"timestamp": 1536995321
},
{
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "3275348242"
},
"content": "The following revision refers to this bug:\n https://chromium.googlesource.com/chromium/src.git/+/7184de671cca6fae230dc6baa3815e3349d35d89\n\ncommit 7184de671cca6fae230dc6baa3815e3349d35d89\nAuthor: Wan-Teh Chang <[email protected]>\nDate: Wed Sep 19 21:48:34 2018\n\nRoll src/third_party/libaom/source/libaom/ 67645b8f5..f866f5ebb (46 commits)\n\nhttps://aomedia.googlesource.com/aom.git/+log/67645b8f529c..f866f5ebb34b\n\n$ git log 67645b8f5..f866f5ebb --date=short --no-merges --format='%ad %ae %s'\n2018-09-18 wtc Fix cmake -DENABLE_EXAMPLES=0 error.\n2018-08-06 chengchen Bitmask patch 7: Optimize traversal steps.\n2018-08-03 chengchen Bitmask patch 6: Minor improvement.\n2018-07-30 chengchen Bitmask patch 5: Store vertical border and skip using bitmask\n2018-09-18 grant.hsu Extend blk_skip to support chroma planes\n2018-07-30 chengchen Bitmask patch 4: Store transform size info for vartx\n2018-07-26 chengchen Bitmask patch 3: Add more lookup table entries for bitmask.\n2018-09-13 anorkin Fix sending repeated random_seed in film grain\n2018-09-12 tdaede Only build stats library if examples are enabled.\n2018-09-17 wtc Call decoder_decode() even on invalid input data.\n2018-09-12 david.barker Fix range check in half_btf() function\n2018-09-17 wtc Optimize set_planes_to_neutral_grey for highbd.\n2018-07-16 chengchen Bitmask patch 2: Applying filtering once bitmask is built\n2018-07-20 chengchen Bitmask patch 1: Reduce u/v horizontal/vertical\n2018-09-17 tomfinegan Propagate user private data when film grain enabled.\n2018-09-07 umang.saini Fix 32bit build for arm target arch 8\n2018-09-13 yaowu Add cmdline switch --skip-film-grain to aomdec\n2018-09-17 remya.prakasan Add sse4_1 variant for highbd inv_txfm 32x32\n2018-09-17 satish.suman Optimize highbd 64x64 fwd_txfm\n2018-08-27 alexanderbokov Add ML-based rectangular partition pruning\n(...)\n\nCreated with:\n roll-dep src/third_party/libaom/source/libaom\[email protected],[email protected],[email protected]\n\nBug: oss-fuzz:10151\nBug: oss-fuzz:10242\nBug: aomedia:2163\nBUG: b/114621710\nBUG: b/114647746\nBUG: oss-fuzz:10252\nChange-Id: I6aab2c5958217ea1660a26783870adb6d6810ad7\nReviewed-on: https://chromium-review.googlesource.com/1234955\nCommit-Queue: Tom Finegan <[email protected]>\nReviewed-by: Tom Finegan <[email protected]>\nCr-Commit-Position: refs/heads/master@{#592557}\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/DEPS\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/README.chromium\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/config/aom_version.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm-neon-cpu-detect/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm-neon-cpu-detect/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm-neon/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm-neon/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm64/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/arm64/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/generic/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/generic/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/ia32/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/ia32/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/ia32/config/av1_rtcd.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/x64/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/x64/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/linux/x64/config/av1_rtcd.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/win/ia32/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/win/ia32/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/win/ia32/config/av1_rtcd.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/win/x64/config/aom_config.asm\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/win/x64/config/aom_config.h\n[modify] https://crrev.com/7184de671cca6fae230dc6baa3815e3349d35d89/third_party/libaom/source/config/win/x64/config/av1_rtcd.h\n",
"sequenceNum": 8,
"timestamp": 1537393784
},
{
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "merge-merged-3538"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "3275348242"
},
"content": "The following revision refers to this bug:\n https://chromium.googlesource.com/chromium/src.git/+/9943a644150b92c1f9d1360159c4aaa362f0b455\n\ncommit 9943a644150b92c1f9d1360159c4aaa362f0b455\nAuthor: Wan-Teh Chang <[email protected]>\nDate: Tue Sep 25 17:44:19 2018\n\nRoll src/third_party/libaom/source/libaom/ 67645b8f5..f866f5ebb (46 commits)\n\nhttps://aomedia.googlesource.com/aom.git/+log/67645b8f529c..f866f5ebb34b\n\n$ git log 67645b8f5..f866f5ebb --date=short --no-merges --format='%ad %ae %s'\n2018-09-18 wtc Fix cmake -DENABLE_EXAMPLES=0 error.\n2018-08-06 chengchen Bitmask patch 7: Optimize traversal steps.\n2018-08-03 chengchen Bitmask patch 6: Minor improvement.\n2018-07-30 chengchen Bitmask patch 5: Store vertical border and skip using bitmask\n2018-09-18 grant.hsu Extend blk_skip to support chroma planes\n2018-07-30 chengchen Bitmask patch 4: Store transform size info for vartx\n2018-07-26 chengchen Bitmask patch 3: Add more lookup table entries for bitmask.\n2018-09-13 anorkin Fix sending repeated random_seed in film grain\n2018-09-12 tdaede Only build stats library if examples are enabled.\n2018-09-17 wtc Call decoder_decode() even on invalid input data.\n2018-09-12 david.barker Fix range check in half_btf() function\n2018-09-17 wtc Optimize set_planes_to_neutral_grey for highbd.\n2018-07-16 chengchen Bitmask patch 2: Applying filtering once bitmask is built\n2018-07-20 chengchen Bitmask patch 1: Reduce u/v horizontal/vertical\n2018-09-17 tomfinegan Propagate user private data when film grain enabled.\n2018-09-07 umang.saini Fix 32bit build for arm target arch 8\n2018-09-13 yaowu Add cmdline switch --skip-film-grain to aomdec\n2018-09-17 remya.prakasan Add sse4_1 variant for highbd inv_txfm 32x32\n2018-09-17 satish.suman Optimize highbd 64x64 fwd_txfm\n2018-08-27 alexanderbokov Add ML-based rectangular partition pruning\n(...)\n\nCreated with:\n roll-dep src/third_party/libaom/source/libaom\[email protected],[email protected],[email protected]\n\nBug: chromium:888022\nBug: oss-fuzz:10151\nBug: oss-fuzz:10242\nBug: aomedia:2163\nBUG: b/114621710\nBUG: b/114647746\nBUG: oss-fuzz:10252\nChange-Id: I0bd468082e1dafc5b05820c82d4efd730fc99ffd\nReviewed-on: https://chromium-review.googlesource.com/1239154\nReviewed-by: Johann Koenig <[email protected]>\nCr-Commit-Position: refs/branch-heads/3538@{#654}\nCr-Branched-From: 79f7c91a2b2a2932cd447fa6f865cb6662fa8fa6-refs/heads/master@{#587811}\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/DEPS\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/README.chromium\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/config/aom_version.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm-neon-cpu-detect/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm-neon-cpu-detect/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm-neon/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm-neon/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm64/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/arm64/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/generic/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/generic/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/ia32/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/ia32/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/ia32/config/av1_rtcd.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/x64/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/x64/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/linux/x64/config/av1_rtcd.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/win/ia32/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/win/ia32/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/win/ia32/config/av1_rtcd.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/win/x64/config/aom_config.asm\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/win/x64/config/aom_config.h\n[modify] https://crrev.com/9943a644150b92c1f9d1360159c4aaa362f0b455/third_party/libaom/source/config/win/x64/config/av1_rtcd.h\n",
"sequenceNum": 9,
"timestamp": 1537897479
},
{
"amendments": [
{
"fieldName": "Labels",
"newOrDeltaValue": "-restrict-view-commit"
}
],
"localId": 10252,
"projectName": "oss-fuzz",
"commenter": {
"displayName": "[email protected]",
"userId": "4164592774"
},
"content": "This bug has been fixed for 30 days. It has been opened to the public.\n\n- Your friendly Sheriffbot",
"sequenceNum": 10,
"timestamp": 1539617039
}
]
},
"fix_commit": "32017745b0b4cb6d69ced6250dd67d9faf6282f8",
"repo_addr": "https://aomedia.googlesource.com/aom"
}