Opened 7 years ago
Last modified 7 years ago
#7127 closed defect
kml heap-use-after-free found by fuzzer — at Initial Version
Reported by: | Kurt Schwehr | Owned by: | warmerdam |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | default | Version: | unspecified |
Severity: | normal | Keywords: | kml fuzzing |
Cc: |
Description
==475427==ERROR: AddressSanitizer: heap-use-after-free on address 0x606000092900 at pc 0x0000007c611a bp 0x7ffcbfe18a90 sp 0x7ffcbfe18a88
READ of size 8 at 0x606000092900 thread T0
    #0 0x7c6119 in KMLNode::~KMLNode() third_party/gdal/ogr/ogrsf_frmts/kml/kmlnode.cpp:132:20
    #1 0x7d365d in KML::parse() third_party/gdal/ogr/ogrsf_frmts/kml/kml.cpp:134:17
    #2 0x5ec22c in OGRKMLDataSource::Open(char const*, int) third_party/gdal/ogr/ogrsf_frmts/kml/ogrkmldatasource.cpp:149:22
    #3 0x50ac05 in LLVMFuzzerTestOneInput third_party/gdal/autotest2/cpp/ogr/ogrsf_frmts/kml/kmldataset_fuzzer.cc:38:31
Change History (1)
by , 7 years ago
Attachment: | minimized-from-283e30738ba30188bd38bec4419f1069da29a6ee.kml added |
---|
minimal crash case