libxml2: Use-of-uninitialized-value in xmlDictLookup

2017-04-05T18:51:12
ID OSSFUZZ-1017
Type ossfuzz
Reporter Google
Modified 2017-06-06T13:05:51

Description

Project: https://gitlab.gnome.org/GNOME/libxml2.git

Detailed report: https://oss-fuzz.com/testcase?key=6260038165331968

Project: libxml2
Fuzzer: libFuzzer_libxml2_xml_read_memory_fuzzer
Fuzz target binary: libxml2_xml_read_memory_fuzzer
Job Type: libfuzzer_msan_libxml2
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  xmlDictLookup
  xmlParseNameComplex
  xmlParseName

Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_msan_libxml2&range=201608301640:201704050427

Reproducer Testcase: https://oss-fuzz.com/download/AMIfv96H_Q6SaGM3dX6ItCn4xsfCMmYrQxRz8PskE6LteocXNmYLBaofbjd0_x5yHuff93gcstM7i_8nifBxzP9PGwRcwgzB9C9OXNg9_C-LElQkT7IJkTxpaKN8fyKdNhH5ADCVrMUKqjF2ID30vyrpUt5LhmkF2lF9BtqtC99MwefPMxUnZKgcsEsoABmUqsunIhP925WI9pw04VNCKKSpEe94b4VbB7ERpGWgv9ekd6XCde6Cv99_Gb1dIyorqU12neiPORKqUkfTqDEIX2_q15Fel-NWcwf7J8Q6ptvtuN6kagm5OhpESvMBEOtqEOV25Ye5k1WfuEhltR3SLeasCr-UbNA6o3zER2kHRltmYU6ROd2P58Xj15GH9GRL1Zqt8VxLG1SN?testcase_id=6260038165331968

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.