Opened 6 years ago
Closed 6 years ago
#7072 closed defect (fixed)
GRIB triggers msan issue in GDALChecksumImage
Reported by: | Kurt Schwehr | Owned by: | warmerdam |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | default | Version: | unspecified |
Severity: | normal | Keywords: | grib msan |
Cc: |
Description
I've hit this issue before with other fuzzer files and not figured out how to fix it. Help would be appreciated.
GDALChecksumImage third_party/gdal/alg/gdalchecksum.cpp:110
Once the asan issue is fixed, I get an msan issue here with the attached fuzzer derived proof of concept (from autofuzz).
```cpp
for( int iLine = nYOff; iLine < nYOff + nYSize; iLine++ )
{
    if( GDALRasterIO( hBand, GF_Read, nXOff, iLine, nXSize, 1,
                      padfLineData, nXSize, 1, eDstDataType, 0, 0 ) != CE_None )
    {
        CPLError(CE_Failure, CPLE_FileIO,
                 "Checksum value couldn't be computed due to "
                 "I/O read error.");
        break;
    }
    const int nCount = bComplex ? nXSize * 2 : nXSize;

    for( int i = 0; i < nCount; i++ )
    {
        double dfVal = padfLineData[i];
        int nVal;
        if( CPLIsNan(dfVal) || CPLIsInf(dfVal) )  // <-- MemorySanitizer: use-of-uninitialized-value
```
The msan is coming from GDALChecksumImage called here:
https://github.com/schwehr/gdal-autotest2/blob/master/cpp/fuzzers/gdal.cc#L87
Attachments (1)
Change History (2)
by , 6 years ago
Attachment: | poc-ac31a626b9abdf948d14aff3bdebcffdc841e31fbb313ab2c2fdec6e67e1ab7c added |
---|
comment:1 by , 6 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
This is no longer reproducible with latest trunk
```
$ valgrind gdalinfo poc-ac31a626b9abdf948d14aff3bdebcffdc841e31fbb313ab2c2fdec6e67e1ab7c
==31023== Memcheck, a memory error detector
==31023== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==31023== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==31023== Command: gdalinfo poc-ac31a626b9abdf948d14aff3bdebcffdc841e31fbb313ab2c2fdec6e67e1ab7c
==31023==
Warning: Inside GRIB2Inventory, Message # 2
ERROR: Couldn't find 'GRIB' or 'TDLP'
There were 3 trailing bytes in the file.
ERROR 4: poc-ac31a626b9abdf948d14aff3bdebcffdc841e31fbb313ab2c2fdec6e67e1ab7c is a grib file, but no raster dataset was successfully identified.
gdalinfo failed - unable to open 'poc-ac31a626b9abdf948d14aff3bdebcffdc841e31fbb313ab2c2fdec6e67e1ab7c'.
```
Fuzzer generated proof of concept GRIB that triggers a checksum msan failure