stcorp / coda

The Common Data Access toolset
http://stcorp.github.io/coda/doc/html/index.html
BSD 3-Clause "New" or "Revised" License

coda_recognize_file_fuzzer: Heap-buffer-overflow in read_byte #71

Closed schwehr closed 4 years ago

schwehr commented 4 years ago

This is without hdf4 enabled.

==84167==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000050b1 at pc 0x55d0bd348d2a bp 0x7fff9a07c1f0 sp 0x7fff9a07b9b8
WRITE of size 8 at 0x6020000050b1 thread T0
    #1 0x55d0bd45d7db in read_bytes third_party/stcorp_coda/libcoda/coda-read-bytes.h:96:9
    #2 0x55d0bd45dc88 in read_length_value third_party/stcorp_coda/libcoda/coda-netcdf.c:72:13
    #3 0x55d0bd45e3d6 in read_dim_array third_party/stcorp_coda/libcoda/coda-netcdf.c:149:13
    #4 0x55d0bd45cfe5 in coda_netcdf_reopen third_party/stcorp_coda/libcoda/coda-netcdf.c:887:9
    #5 0x55d0bd453d3f in reopen_with_backend third_party/stcorp_coda/libcoda/coda-product.c:404:17
    #6 0x55d0bd450a08 in open_file third_party/stcorp_coda/libcoda/coda-product.c:552:9
    #7 0x55d0bd45034a in coda_recognize_file third_party/stcorp_coda/libcoda/coda-product.c:596:9
    #8 0x55d0bd362a51 in LLVMFuzzerTestOneInput third_party/stcorp_coda/fuzz/coda_recognize_file_fuzzer.cc:19:3

0x6020000050b1 is located 0 bytes to the right of 1-byte region [0x6020000050b0,0x6020000050b1)
allocated by thread T0 here:
    #1 0x55d0bd45e208 in read_dim_array third_party/stcorp_coda/libcoda/coda-netcdf.c:125:19
    #2 0x55d0bd45cfe5 in coda_netcdf_reopen third_party/stcorp_coda/libcoda/coda-netcdf.c:887:9
    #3 0x55d0bd453d3f in reopen_with_backend third_party/stcorp_coda/libcoda/coda-product.c:404:17
    #4 0x55d0bd450a08 in open_file third_party/stcorp_coda/libcoda/coda-product.c:552:9
    #5 0x55d0bd45034a in coda_recognize_file third_party/stcorp_coda/libcoda/coda-product.c:596:9
    #6 0x55d0bd362a51 in LLVMFuzzerTestOneInput third_party/stcorp_coda/fuzz/coda_recognize_file_fuzzer.cc:19:3

testcase-5989855435948032.test.zip
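Added illustration for readers of this report; this is not CODA's code and makes no claim about where coda-netcdf.c actually goes wrong. The trace above shows a byte-copy helper writing 8 bytes into a 1-byte heap region that its caller allocated, which is the general class of bug where a fixed-size or header-controlled read is issued against a buffer whose capacity the helper never sees. The example below pairs an unchecked copy helper with a capacity-checked one and a small parser for a constructed dim-array layout (a big-endian uint32 count followed by that many big-endian uint64 lengths, which is not the netCDF on-disk format); the cursor type, the layout and the function names are assumptions chosen to echo the frames in the trace, and the sample input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical in-memory input cursor; stands in for a file reader and is
 * not CODA's reader. */
struct cursor {
    const uint8_t *data;
    size_t size;
    size_t pos;
};

/* Unsafe shape: copy n bytes wherever the caller points, trusting that dst
 * is big enough. A 1-byte dst with n == 8 is the situation ASan reports.
 * Only input truncation is rejected here, never destination overflow. */
static int read_bytes_unchecked(struct cursor *c, void *dst, size_t n)
{
    if (c->pos > c->size || n > c->size - c->pos) return -1; /* truncated input */
    memcpy(dst, c->data + c->pos, n);
    c->pos += n;
    return 0;
}

/* Hardened shape: the destination capacity travels with the pointer and is
 * checked before any copy, so a header-controlled n cannot write past dst. */
static int read_bytes_checked(struct cursor *c, void *dst, size_t dst_cap, size_t n)
{
    if (n > dst_cap) return -1;                 /* would overflow dst */
    return read_bytes_unchecked(c, dst, n);
}

/* Read one big-endian 64-bit length field (the 8-byte write in the trace). */
static int read_length_value(struct cursor *c, uint64_t *out)
{
    uint8_t buf[8];
    uint64_t v = 0;
    size_t i;
    if (read_bytes_checked(c, buf, sizeof buf, sizeof buf) != 0) return -1;
    for (i = 0; i < sizeof buf; i++) v = (v << 8) | buf[i];
    *out = v;
    return 0;
}

struct dim_array {
    uint32_t count;
    uint64_t *lengths;   /* count entries on the heap; NULL when count == 0 */
};

/* Constructed layout for this example only: uint32 BE count, then count
 * uint64 BE lengths. Returns 0 on success, -1 on any malformed input. */
static int read_dim_array(struct cursor *c, struct dim_array *out)
{
    uint8_t cbuf[4];
    uint32_t count, i;
    uint64_t *lengths = NULL;

    if (read_bytes_checked(c, cbuf, sizeof cbuf, sizeof cbuf) != 0) return -1;
    count = ((uint32_t)cbuf[0] << 24) | ((uint32_t)cbuf[1] << 16) |
            ((uint32_t)cbuf[2] << 8) | (uint32_t)cbuf[3];

    /* Bound the allocation by what the input can actually contain, so a
     * hostile count fails here instead of driving a huge calloc. */
    if ((uint64_t)count * sizeof(uint64_t) > c->size - c->pos) return -1;

    if (count > 0) {
        lengths = calloc(count, sizeof *lengths);
        if (lengths == NULL) return -1;
    }
    for (i = 0; i < count; i++) {
        if (read_length_value(c, &lengths[i]) != 0) {
            free(lengths);
            return -1;
        }
    }
    out->count = count;
    out->lengths = lengths;
    return 0;
}

static void dim_array_free(struct dim_array *d)
{
    free(d->lengths);
    d->lengths = NULL;
    d->count = 0;
}

int main(void)
{
    /* Constructed sample: two dimensions with lengths 3 and 16. */
    const uint8_t sample[] = {
        0x00, 0x00, 0x00, 0x02,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
    };
    /* Constructed hostile sample: claims one dimension, carries 3 bytes. */
    const uint8_t truncated[] = { 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 };
    struct cursor c = { sample, sizeof sample, 0 };
    struct dim_array d;
    uint8_t one[1];

    if (read_dim_array(&c, &d) == 0) {
        printf("parsed %u dims: %llu, %llu\n", (unsigned)d.count,
               (unsigned long long)d.lengths[0], (unsigned long long)d.lengths[1]);
        dim_array_free(&d);
    }
    c.data = truncated; c.size = sizeof truncated; c.pos = 0;
    printf("truncated header rejected: %s\n",
           read_dim_array(&c, &d) == -1 ? "yes" : "no");
    c.data = sample; c.size = sizeof sample; c.pos = 0;
    printf("8-byte read into 1-byte buffer rejected: %s\n",
           read_bytes_checked(&c, one, sizeof one, 8) == -1 ? "yes" : "no");
    return 0;
}
```

The point of the checked helper is that the capacity check lives where the copy happens, not in each caller; the caller-side bound on count is a second, independent guard so that a fuzzer-chosen header cannot turn a small file into a large allocation before the per-element reads fail.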

svniemeijer commented 4 years ago

Fixed in c123865ea68b2c2bd3096a54a444f110510a536a

schwehr commented 4 years ago

Verified