search

schwehr / libais

C++ decoder for Automatic Identification System for tracking ships and decoding maritime information
Other
215 stars 94 forks source link

Ais20 fails in fuzzer #174

Open schwehr opened 6 years ago

schwehr commented 6 years ago

698c5da87ab3ea0c5db223e6d983a17b53bb6cc7:

body: "DDDDDDDDDDDDD"
fill_bits: 2
ais.cpp:153 in unsigned int libais::AisBitset::ToUnsignedInt(const size_t, const size_t) const: start + len <= num_chars * 6

    @     0x56386037d10e  __assert_fail
    @     0x56385fc706f4  libais::AisBitset::ToUnsignedInt()
    @     0x56385fc6ac86  libais::Ais20::Ais20()
    @     0x56385fc45a06  absl::MakeUnique<>()

crash-7a32fbdbf053b942285cb3e824f1d4fd23446a6a:

body: "DDDDDDDDDDDDDDDDDDDDDDD="
fill_bits: 0
cpp:153 in unsigned int libais::AisBitset::ToUnsignedInt(const size_t, const size_t) const: start + len <= num_chars * 6
    @     0x55724eafb6f4  libais::AisBitset::ToUnsignedInt()
    @     0x55724eaf5f41  libais::Ais20::Ais20()
    @     0x55724ead0a06  absl::MakeUnique<>()

crash-bf663467c29f6930d756d70eb16c02fb908c14b1:

body: "DDDDDDDDDDDDDDDDDDDDDD\000\000\000\000\000\000\0000DDDDDDDDDDDDDDDDD="
fill_bits: 5
ais.cpp:153 in unsigned int libais::AisBitset::ToUnsignedInt(const size_t, const size_t) const: start + len <= num_chars * 6

    @     0x559020d2510e  __assert_fail
    @     0x5590206186f4  libais::AisBitset::ToUnsignedInt()
    @     0x559020612f0e  libais::Ais20::Ais20()
    @     0x5590205eda06  absl::MakeUnique<>()