Open thbeu opened 5 months ago
We monitor oss-fuzz, so there's no need to re-create issues here. Also, these issues are not particularly useful without the poc files.
Right. The issues are reported for libmatio (with restricted access only) and I do not know if the same issues are also reported for your setup. It's all due to #272.
Here comes the testfile.zip
Right, but they also purposely disclose those privately so that maintainers can patch their code before the public is alerted. Putting oss-fuzz issues in GitHub defeats that purpose. Please don't do it. Our goal is to fix everything outstanding for 1.14.5 and then stay oss-fuzz clean in the future. Thanks!
This still leaves the question of how you know about the hdf5-related issues reported for libmatio. They are reported with restricted access to me and not for libhdf5.
One other point is that I only reported the issues that got recently introduced in the development version. In case of #4293 and #4307 it worked out to be fixed for 1.14.4. I do not know if they would have been addressed early if not reported.
If you care about disclosure you can set up GitHub to enable privately reported security issues: https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability. This would help in my case. Edit: You already did so and I may use it if you prefer.
This is verified as fixed now: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67905
Describe the bug
==1989==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000004b58 at pc 0x000000bdf5f9 bp 0x7fffd47546d0 sp 0x7fffd47546c8
READ of size 1 at 0x602000004b58 thread T0
    #0 0xbdf5f8 in H5T__bit_find hdf5/src/H5Tbit.c:0:20

0x602000004b58 is located 0 bytes to the right of 8-byte region [0x602000004b50,0x602000004b58)
allocated by thread T0 here:
    #0 0x5303ee in __interceptor_calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:77:3
Additional context
Reported for c5c4713a9a0c940a6d20daad1152a3fc80b4fec5.