[cairo] Anyone interested in fuzzing issues?
Albert Astals Cid
aacid at kde.org
Wed Dec 16 19:29:23 UTC 2020
We recently added fuzzing to the cairo renderer in poppler and we're getting quite some issues like
==937==ERROR: AddressSanitizer: SEGV on unknown address 0x621ffffffbf1 (pc 0x00000128668c bp 0x7fff021c0130 sp 0x7fff021c0130 T0)
The signal is caused by a READ memory access.
#0 0x128668c in get_unaligned_be16 cairo/src/cairoint.h:254:12
==16677==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e000000ab0 at pc 0x000001284abe bp 0x7ffcd2a139c0 sp 0x7ffcd2a139b8
WRITE of size 4 at 0x61e000000ab0 thread T0
#0 0x1284abd in cairo_cff_font_read_fdselect cairo/src/cairo-cff-subset.c:995:35
==82684==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x000001183711 bp 0x7fff8230a940 sp 0x7fff8230a840 T0)
The signal is caused by a READ memory access.
#0 0x1183711 in cairo_cff_font_subset_charstrings_and_subroutines cairo/src/cairo-cff-subset.c:1792:45
Anyone interested in the full traces/files to reproduce those issues?
Cheers,
Albert
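A small triage helper for reports of the shape quoted above, added here as an example and not part of the post or of cairo/poppler: it parses the three AddressSanitizer excerpts (embedded as constructed input copied from the message), keys each on bug class, access type and top stack frame so that repeated fuzzer hits of the same bug collapse into one finding, and attaches a rough prioritisation note (a heap write overflow ranks ahead of a near-null read). The regexes assume stock AddressSanitizer report formatting; the triage wording is a heuristic of mine, not anything the post states about the bugs.

```python
import re

# Constructed input: the three sanitizer excerpts quoted in the post above,
# with frame lines indented the way AddressSanitizer prints them.
ASAN_REPORTS = """\
==937==ERROR: AddressSanitizer: SEGV on unknown address 0x621ffffffbf1 (pc 0x00000128668c bp 0x7fff021c0130 sp 0x7fff021c0130 T0)
The signal is caused by a READ memory access.
    #0 0x128668c in get_unaligned_be16 cairo/src/cairoint.h:254:12
==16677==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e000000ab0 at pc 0x000001284abe bp 0x7ffcd2a139c0 sp 0x7ffcd2a139b8
WRITE of size 4 at 0x61e000000ab0 thread T0
    #0 0x1284abd in cairo_cff_font_read_fdselect cairo/src/cairo-cff-subset.c:995:35
==82684==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x000001183711 bp 0x7fff8230a940 sp 0x7fff8230a840 T0)
The signal is caused by a READ memory access.
    #0 0x1183711 in cairo_cff_font_subset_charstrings_and_subroutines cairo/src/cairo-cff-subset.c:1792:45
"""

# Header line: pid, bug class and faulting address.
ERROR_RE = re.compile(
    r"^==(?P<pid>\d+)==ERROR: AddressSanitizer: (?P<kind>[\w-]+)"
    r" on (?:unknown )?address (?P<addr>0x[0-9a-fA-F]+)"
)
# Access direction comes from one of two line shapes depending on the bug class.
SIGNAL_RE = re.compile(r"caused by a (?P<access>READ|WRITE) memory access")
RW_RE = re.compile(r"^(?P<access>READ|WRITE) of size (?P<size>\d+)")
# Innermost frame: function and file:line (column is ignored).
FRAME0_RE = re.compile(r"^\s*#0 0x[0-9a-fA-F]+ in (?P<func>\S+) (?P<file>[^:\s]+):(?P<line>\d+)")


def parse_asan_reports(text):
    """Split concatenated sanitizer output into one dict per report."""
    reports = []
    current = None
    for line in text.splitlines():
        m = ERROR_RE.match(line)
        if m:
            current = {
                "pid": int(m["pid"]), "kind": m["kind"], "addr": int(m["addr"], 16),
                "access": None, "size": None, "func": None, "file": None, "line": None,
            }
            reports.append(current)
            continue
        if current is None:
            continue  # stray text before the first report header
        m = SIGNAL_RE.search(line) or RW_RE.match(line)
        if m and current["access"] is None:
            current["access"] = m["access"]
            if "size" in m.groupdict():
                current["size"] = int(m["size"])
            continue
        m = FRAME0_RE.match(line)
        if m and current["func"] is None:
            current["func"] = m["func"]
            current["file"] = m["file"]
            current["line"] = int(m["line"])
    return reports


def dedup_key(report):
    """Pid and addresses change every run; class + access + top frame is stable."""
    return (report["kind"], report["access"], report["func"], report["file"], report["line"])


def unique_findings(text):
    """Collapse repeated hits of the same bug into a single finding."""
    seen = {}
    for r in parse_asan_reports(text):
        seen.setdefault(dedup_key(r), r)
    return list(seen.values())


def triage_note(report):
    """Heuristic priority hint (my own rule of thumb, not a verdict on the bug)."""
    if report["kind"] == "heap-buffer-overflow" and report["access"] == "WRITE":
        return "heap write overflow: memory-corruption candidate, review first"
    if report["kind"] == "SEGV" and report["addr"] < 0x1000:
        return "near-null dereference: likely NULL pointer plus field offset, usually a crash"
    if report["kind"] == "SEGV":
        return "wild pointer access: check for out-of-bounds index or uninitialised pointer"
    return "unclassified: inspect full trace"


if __name__ == "__main__":
    for r in unique_findings(ASAN_REPORTS):
        print(f"{r['kind']:<20} {r['access']:<5} {r['func']} ({r['file']}:{r['line']}) -> {triage_note(r)}")
```

Running the block over the quoted output yields three distinct findings; feeding the same text twice still yields three, which is the property you want when a fuzzer produces many crashing inputs for one root cause.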