
Stack-overflow (OSS-Fuzz 869) #517

Closed
nlohmann opened this issue Mar 17, 2017 · 2 comments
@nlohmann (Owner)

Detailed report: https://oss-fuzz.com/testcase?key=5116967767769088

Project: json
Fuzzer: libFuzzer_json_parse_cbor_fuzzer
Job Type: libfuzzer_asan_json
Platform Id: linux

Crash Type: Stack-overflow
Crash Address: 0x7ffc0dea4b58
Crash State:
  nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha
  
Sanitizer: address (ASAN)

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_json&range=201701031958:201701032147

Reproducer Testcase: https://oss-fuzz.com/download/AMIfv95GDH2Mys_drMGzg9fUR7UPBBqUF_LhjJm-rgKw6x-oTwvsux765EavyU1j3OwyrVWiw_gW8F_Ia6rk-diY-dnPJ2rD592wN1mKQoik0vlg1QtZCaI2yCI5uBCQuaf1PBLkLbIsMQtTywZ5nmE_AZlrvhk2Mye_GJ4oM8wNGSM96vFsgM_IpJ8RXU_sE1htQ639Zyj55qzACG-LDlRAXFeA-Pxd9X2Os5u259dzhhjmH6eqLlXItedTywfMtygaPkYlc4R05g78-SwjpAyOv0BNR4dx2jkcD9xHXNjjAY-232t-qf9oWf2T66QqT_FoMbm9qtBf1FAI8H6Af4e9PUMVB2xjPOIe8uCQh50tqv58mnKY41ZAwOcstJChSYmBAAFsUSnV?testcase_id=5116967767769088
Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.

clusterfuzz-testcase-5116967767769088.zip

@nlohmann (Owner, Author)

This seems to be a classical stack overflow due to excessive nesting of arrays.
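
To make the diagnosis above concrete, here is an added example (not nlohmann/json's own code, and not the fix that landed in the library): a minimal recursive walker for a CBOR subset that shows why nested arrays translate directly into recursion depth, and how an explicit nesting limit turns that input into a clean parse error instead of a stack overflow. It assumes a deliberately small subset of CBOR (unsigned integers, definite-length arrays, and the simple values false/true/null); the limit of 64 levels, the `nested_arrays` input generator and the `CborStatus` names are choices made for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

enum class CborStatus { Ok, Truncated, Unsupported, TooDeep, TrailingData };

namespace {

struct CborWalker {
    const std::vector<uint8_t>& in;
    size_t max_depth;
    size_t pos = 0;
    size_t deepest = 0;  // deepest array nesting actually entered

    CborWalker(const std::vector<uint8_t>& data, size_t limit)
        : in(data), max_depth(limit) {}

    // Decode the argument that follows an initial byte (additional info 0..27).
    CborStatus read_argument(uint8_t info, uint64_t& out) {
        if (info < 24) { out = info; return CborStatus::Ok; }
        size_t nbytes = 0;
        switch (info) {
            case 24: nbytes = 1; break;
            case 25: nbytes = 2; break;
            case 26: nbytes = 4; break;
            case 27: nbytes = 8; break;
            default: return CborStatus::Unsupported;  // 28..31: reserved / indefinite length
        }
        if (in.size() - pos < nbytes) return CborStatus::Truncated;
        out = 0;
        for (size_t i = 0; i < nbytes; ++i) out = (out << 8) | in[pos++];
        return CborStatus::Ok;
    }

    // One data item. Every array element is parsed by a recursive call, so the
    // native stack grows with the nesting depth of the input; the depth check
    // is what keeps untrusted nesting from exhausting it.
    CborStatus item(size_t depth) {
        if (pos >= in.size()) return CborStatus::Truncated;
        const uint8_t initial = in[pos++];
        const uint8_t major = initial >> 5;
        const uint8_t info = initial & 0x1f;
        uint64_t arg = 0;
        switch (major) {
            case 0:  // unsigned integer
                return read_argument(info, arg);
            case 4: {  // definite-length array
                if (depth + 1 > max_depth) return CborStatus::TooDeep;
                CborStatus st = read_argument(info, arg);
                if (st != CborStatus::Ok) return st;
                if (depth + 1 > deepest) deepest = depth + 1;
                for (uint64_t i = 0; i < arg; ++i) {
                    st = item(depth + 1);  // each iteration consumes >= 1 byte or fails
                    if (st != CborStatus::Ok) return st;
                }
                return CborStatus::Ok;
            }
            case 7:  // simple values: false (20), true (21), null (22)
                return (info == 20 || info == 21 || info == 22) ? CborStatus::Ok
                                                               : CborStatus::Unsupported;
            default:
                return CborStatus::Unsupported;
        }
    }
};

}  // namespace

// Walk one CBOR document with a hard nesting limit. Returns Ok only if the whole
// input was consumed; optionally reports the deepest nesting level reached.
CborStatus walk_cbor(const std::vector<uint8_t>& data, size_t max_depth,
                     size_t* deepest = nullptr) {
    CborWalker w(data, max_depth);
    CborStatus st = w.item(0);
    if (deepest) *deepest = w.deepest;
    if (st != CborStatus::Ok) return st;
    return w.pos == data.size() ? CborStatus::Ok : CborStatus::TrailingData;
}

// Constructed input: `depth` nested one-element arrays (0x81) around the integer 0.
std::vector<uint8_t> nested_arrays(size_t depth) {
    std::vector<uint8_t> bytes(depth, 0x81);
    bytes.push_back(0x00);
    return bytes;
}

int main() {
    size_t d = 0;
    CborStatus a = walk_cbor(nested_arrays(3), 64, &d);
    std::printf("depth 3:      status %d, deepest %zu\n", static_cast<int>(a), d);
    CborStatus b = walk_cbor(nested_arrays(100000), 64, &d);
    std::printf("depth 100000: status %d (TooDeep=%d), deepest %zu\n",
                static_cast<int>(b), static_cast<int>(CborStatus::TooDeep), d);
    return 0;
}
```

Without the `depth + 1 > max_depth` check, the 100000-level input would recurse once per byte until the stack ran out, which is the ASAN stack-overflow report above. With the check, the walker stops at 64 frames and the caller gets `TooDeep`; the same limit pattern applies to nested maps, and to any recursive-descent decoder of an untrusted format.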

nlohmann added and then removed the label "solution: proposed fix" (a fix for the issue has been proposed and waits for confirmation) on Mar 17, 2017.
nlohmann added the label "aspect: binary formats" (BSON, CBOR, MessagePack, UBJSON) on Mar 28, 2017.
@nlohmann (Owner, Author)

nlohmann commented May 7, 2017

ClusterFuzz has detected this issue as fixed in range 201705051619:201705061619.
