ericmckean / webm

Automatically exported from code.google.com/p/webm

Integer overflow demuxing fuzzed file #810

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. curl -O http://downloads.webmproject.org/test_data/libvpx/vp90-2-15-fuzz-flicker.webm
2. Build libwebm with ioc (see attached patch)
3. ./sample vp90-2-15-fuzz-flicker.webm

What do you see instead?
./sample vp90-2-15-fuzz-flicker.webm
[...]
mkvparser.cpp:250:12: runtime error: left shift of negative value -128
[...]

What version are you using?
8be63972fdd7ae8c041778f8ba674ade903395c9

Please provide any additional information below.

The whole file does not look integer overflow clean, wrt left shifts of negative values ("E1 << E2"; where E1 < 0).

Original issue reported on code.google.com by aconve...@google.com on 17 Jun 2014 at 7:17

Attachments:
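As an added illustration of the pattern the sanitizer flags (this is not libwebm's own code): a hypothetical mkvparser-style decode of a big-endian signed integer that seeds a signed accumulator from the first byte and shifts it, beside a form that shifts an unsigned accumulator and sign-extends explicitly. The function names and the 0x80 sample byte are constructed; the assumption is that the flagged shift has this shape.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical stand-in for the shape of code the report flags: a big-endian
// signed integer of `size` bytes decoded by seeding a signed accumulator from
// the first byte and shifting it left. With first byte 0x80 the seed is -128,
// and `result <<= 8` on a negative value is undefined behaviour in C++, which
// is what ioc/UBSan reports. Kept for contrast only; never called below.
static long long unserialize_int_ub(const uint8_t* p, size_t size) {
  long long result = static_cast<signed char>(p[0]);  // -128 for 0x80
  for (size_t i = 1; i < size; ++i) {
    result <<= 8;  // undefined when result < 0
    result |= p[i];
  }
  return result;
}

// Hardened form: validate the width, accumulate in an unsigned type (left
// shifts are always defined there), then sign-extend and convert explicitly.
static bool unserialize_int(const uint8_t* p, size_t size, long long& out) {
  if (p == nullptr || size < 1 || size > 8) return false;  // 1..8 bytes only
  uint64_t acc = 0;
  for (size_t i = 0; i < size; ++i) acc = (acc << 8) | p[i];
  const unsigned bits = static_cast<unsigned>(size) * 8;
  if (bits < 64 && (acc & (UINT64_C(1) << (bits - 1))) != 0)
    acc |= ~UINT64_C(0) << bits;  // copy the sign bit into the upper bits
  // Convert without relying on implementation-defined narrowing: a negative
  // two's-complement pattern maps to -(~acc) - 1, which cannot overflow.
  out = (acc >> 63) ? -static_cast<long long>(~acc) - 1
                    : static_cast<long long>(acc);
  return true;
}

// Constructed sample: the 1-byte field 0x80 that yields the reported -128.
static long long demo() {
  const uint8_t field[] = {0x80};
  long long v = 0;
  unserialize_int(field, sizeof field, v);
  return v;  // -128, decoded without any left shift of a negative value
}
```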

GoogleCodeExporter commented 9 years ago
Issue 835 has been merged into this issue.

Original comment by jz...@google.com on 8 Aug 2014 at 7:30

GoogleCodeExporter commented 9 years ago

Original comment by renganat...@google.com on 23 Oct 2014 at 10:24