Opened 3 years ago

Closed 2 years ago

#4996 closed defect (worksforme)

wkb_import_fuzzer: Stack-overflow in lwcurvepoly_from_wkb_state

Reported by: komzpa Owned by: pramsey
Priority: medium Milestone: PostGIS 3.1.7
Component: postgis Version: 2.5.x -- EOL
Keywords: Cc:

Description

Found via oss-fuzz

Attachments (1)

clusterfuzz-testcase-minimized-wkb_import_fuzzer-4510152078786560.fuzz (119.7 KB ) - added by komzpa 3 years ago.


Change History (10)

comment:1 by robe, 3 years ago

Milestone: PostGIS 3.2.0 → PostGIS 3.1.5

comment:2 by pramsey, 3 years ago

And what exactly do we do with this .fuzz file? The README.txt in the fuzzers directory has no steps. This is why I have no truck with ossfuzz, I'm always trying to figure out what the heck to do with the odd reporting artifacts.

comment:3 by komzpa, 3 years ago

Just stuff it into the WKB parser as a binary and you'll get the crash.
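For readers who want to see what a "stack overflow in a WKB reader" means in practice, the following is an added illustration, not code from PostGIS or liblwgeom and not the attached .fuzz testcase. It is a minimal 2D WKB walker in the same recursive shape as a real reader (collections, compound curves and curve polygons contain complete nested geometries, so reading them recurses), with a bounds check on every read and an explicit nesting limit. The type codes are the standard OGC/PostGIS ones; `MAX_DEPTH`, the function names and the sample inputs are constructed for this example, and the depth guard is shown as a generic mitigation, not as what PostGIS does.

```python
import struct

# WKB geometry type codes (OGC 2D numbering, also used by PostGIS EWKB).
POINT, LINESTRING, POLYGON = 1, 2, 3
MULTIPOINT, MULTILINESTRING, MULTIPOLYGON, GEOMETRYCOLLECTION = 4, 5, 6, 7
CIRCULARSTRING, COMPOUNDCURVE, CURVEPOLYGON = 8, 9, 10

# Types whose members are complete nested WKB geometries (header + body);
# reading them recurses into parse_geometry(), which is where a reader
# without a depth limit can exhaust its stack on crafted input.
NESTING_TYPES = {MULTIPOINT, MULTILINESTRING, MULTIPOLYGON,
                 GEOMETRYCOLLECTION, COMPOUNDCURVE, CURVEPOLYGON}

MAX_DEPTH = 32  # assumed limit for this example only


class WKBError(ValueError):
    """Raised for truncated input, unknown types, or excessive nesting."""


def _unpack(buf, pos, fmt):
    """Unpack one value at pos with bounds checking; fmt carries the byte order."""
    size = struct.calcsize(fmt)
    if pos + size > len(buf):
        raise WKBError("truncated WKB at offset %d" % pos)
    return struct.unpack(fmt, buf[pos:pos + size])[0], pos + size


def _skip_points(buf, pos, npoints):
    """Advance past npoints 2D coordinates (16 bytes each) without running off the end."""
    need = npoints * 16
    if pos + need > len(buf):
        raise WKBError("point array of %d points does not fit" % npoints)
    return pos + need


def parse_geometry(buf, pos=0, depth=0):
    """Walk one 2D WKB geometry at pos; returns (type_code, deepest_level, end_pos).

    Each nested geometry header adds one level; beyond MAX_DEPTH the reader
    refuses instead of recursing further.
    """
    if depth > MAX_DEPTH:
        raise WKBError("nesting depth %d exceeds MAX_DEPTH" % depth)
    order_byte, pos = _unpack(buf, pos, "<B")
    if order_byte not in (0, 1):
        raise WKBError("bad byte-order marker %d" % order_byte)
    bo = "<" if order_byte == 1 else ">"
    gtype, pos = _unpack(buf, pos, bo + "I")
    deepest = depth

    if gtype == POINT:
        pos = _skip_points(buf, pos, 1)
    elif gtype in (LINESTRING, CIRCULARSTRING):
        npoints, pos = _unpack(buf, pos, bo + "I")
        pos = _skip_points(buf, pos, npoints)
    elif gtype == POLYGON:
        nrings, pos = _unpack(buf, pos, bo + "I")
        for _ in range(nrings):
            npoints, pos = _unpack(buf, pos, bo + "I")
            pos = _skip_points(buf, pos, npoints)
    elif gtype in NESTING_TYPES:
        n, pos = _unpack(buf, pos, bo + "I")
        for _ in range(n):
            _, sub_depth, pos = parse_geometry(buf, pos, depth + 1)
            deepest = max(deepest, sub_depth)
    else:
        raise WKBError("unsupported geometry type %d" % gtype)
    return gtype, deepest, pos


def is_rejected(buf):
    """True if the reader refuses buf with WKBError."""
    try:
        parse_geometry(buf)
    except WKBError:
        return True
    return False


# --- constructed sample inputs (little-endian); not the ticket's .fuzz file ---

def _points(coords):
    return b"".join(struct.pack("<dd", x, y) for x, y in coords)


def _wkb(gtype, body):
    return struct.pack("<BI", 1, gtype) + body


def curvepolygon_sample():
    """CurvePolygon with one CompoundCurve ring: a CircularString plus a LineString."""
    arc = _wkb(CIRCULARSTRING, struct.pack("<I", 3) + _points([(0, 0), (1, 1), (2, 0)]))
    line = _wkb(LINESTRING, struct.pack("<I", 2) + _points([(2, 0), (0, 0)]))
    ring = _wkb(COMPOUNDCURVE, struct.pack("<I", 2) + arc + line)
    return _wkb(CURVEPOLYGON, struct.pack("<I", 1) + ring)


def nested_collections(levels):
    """GeometryCollection nested `levels` deep, ending in a single Point."""
    geom = _wkb(POINT, _points([(0, 0)]))
    for _ in range(levels):
        geom = _wkb(GEOMETRYCOLLECTION, struct.pack("<I", 1) + geom)
    return geom


if __name__ == "__main__":
    print(parse_geometry(curvepolygon_sample()))      # (10, 2, <length>)
    print(is_rejected(nested_collections(1000)))      # True: depth guard fires
```

Without the `depth` check, `nested_collections(1000)` would recurse once per level; a C reader with the same shape and no limit keeps consuming stack until the process faults, which is the failure class the fuzzer reports. The bounds checks in `_unpack` and `_skip_points` cover the other common WKB reader bug, trusting a length field from the input.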

comment:4 by robe, 3 years ago

Milestone: PostGIS 3.1.5 → PostGIS 3.2.1

comment:5 by robe, 3 years ago

Milestone: PostGIS 3.2.1 → PostGIS 3.1.6

comment:6 by robe, 2 years ago

Milestone: PostGIS 3.1.6 → PostGIS 3.1.7

comment:7 by pramsey, 2 years ago

Hm, saw a type wrapping issue in the usan builds but no stack overflow… https://github.com/postgis/postgis/pull/704

comment:8 by pramsey, 2 years ago

I see no crash. Just a sanitizer warning (which is fixed in PR).

comment:9 by pramsey, 2 years ago

Resolution: worksforme
Status: new → closed