Open tbeu opened 3 months ago
We monitor oss-fuzz, so there's no need to re-create issues here. Also, these issues are not particularly useful without the poc files.
Right. The issues are reported for libmatio (with restricted access only) and I do not know if the same issues are also reported for your setup. It's all due to #272.
Here comes the testfile.zip
This is verified as fixed now: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67806
Describe the bug
==5605==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000657c at pc 0x00000049ef41 bp 0x7ffd4583ea30 sp 0x7ffd4583e200
READ of size 8 at 0x60200000657c thread T0
SCARINESS: 23 (8-byte-read-heap-buffer-overflow)
    #0 0x49ef40 in __asan_memcpy /src/llvm-project/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:22:3

0x60200000657c is located 0 bytes to the right of 12-byte region [0x602000006570,0x60200000657c)
allocated by thread T0 here:
    #0 0x49fbb6 in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
Additional context
Reported for c5c4713a9a0c940a6d20daad1152a3fc80b4fec5.
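The report above describes an 8-byte memcpy read that starts exactly at the end of a 12-byte heap region. As an added illustration, not code from matio or from this thread, here is a bounds-checked copy helper that rejects that shape of read before memcpy runs; the names bounded_buf and bounded_read, the demo functions and the 12-byte sample buffers are all constructed for the example.

```c
/* Added example, not matio code: a bounds-checked copy helper of the kind that
 * would reject the read ASan reports above. bounded_buf/bounded_read and the
 * 12-byte sample regions are constructed for illustration only. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    const uint8_t *data;
    size_t len;   /* number of bytes actually allocated and valid */
} bounded_buf;

/* Copy n bytes starting at offset off of src into dst.
 * Returns 0 on success, -1 if [off, off+n) is not entirely inside src.
 * The check is written with subtraction so that off + n cannot wrap around. */
int bounded_read(const bounded_buf *src, size_t off, void *dst, size_t n)
{
    if (off > src->len || n > src->len - off)
        return -1;
    memcpy(dst, src->data + off, n);
    return 0;
}

/* Same shape as the report: a 12-byte heap region and an 8-byte read that
 * starts at offset 12, i.e. 0 bytes past the end. Returns the helper's verdict. */
int demo_overread_rejected(void)
{
    uint8_t *region = malloc(12);   /* constructed 12-byte allocation */
    if (!region)
        return -2;
    memset(region, 0xAB, 12);
    bounded_buf buf = { region, 12 };
    uint64_t out = 0;
    int rc = bounded_read(&buf, 12, &out, sizeof out); /* the read ASan flagged */
    free(region);
    return rc;
}

/* An in-bounds 8-byte read of the last 8 bytes (offset 4) is allowed. */
int demo_inbounds_read(uint64_t *value)
{
    uint8_t region[12] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 };
    bounded_buf buf = { region, sizeof region };
    return bounded_read(&buf, 4, value, sizeof *value);
}

/* A length that would overflow off + n is rejected rather than wrapping. */
int demo_wraparound_rejected(void)
{
    uint8_t region[12] = { 0 };
    uint8_t sink[8];
    bounded_buf buf = { region, sizeof region };
    return bounded_read(&buf, 1, sink, SIZE_MAX);
}

int main(void)
{
    uint64_t v = 0;
    printf("8-byte read at offset 12 of 12: %s\n",
           demo_overread_rejected() == 0 ? "allowed" : "rejected");
    printf("8-byte read at offset 4 of 12:  %s\n",
           demo_inbounds_read(&v) == 0 ? "allowed" : "rejected");
    printf("SIZE_MAX-byte read at offset 1: %s\n",
           demo_wraparound_rejected() == 0 ? "allowed" : "rejected");
    return 0;
}
```

The helper carries the allocation length next to the pointer, which is what the raw memcpy in the trace lacks: with the length available, the 8-byte read at offset 12 fails the `n > len - off` test and never reaches memcpy, so the same input no longer produces an out-of-bounds read for ASan to catch.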