Detailed report: https://oss-fuzz.com/testcase?key=5644258942386176
Project: harfbuzz
Fuzzer: libFuzzer_harfbuzz_hb-shape-fuzzer
Fuzz target binary: hb-shape-fuzzer
Job Type: libfuzzer_msan_harfbuzz
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
hb_kern_machine_t<OT::KernSubTableFormat3>::kern
OT::KernSubTableFormat3::apply
OT::KernSubTable::apply
Sanitizer: memory (MSAN)
Recommended Security Severity: Medium
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5644258942386176
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.
When you fix this bug, please
* mention the fix revision(s).
* state whether the bug was a short-lived regression or an old bug in any stable releases.
* add any other useful information.
This information can help downstream consumers.
If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues.
Id: OSSFUZZ-11254
Title: harfbuzz/hb-shape-fuzzer: Use-of-uninitialized-value in hb_kern_machine_t<OT::KernSubTableFormat3>::kern
Published: 2018-11-04T08:16:22
Modified: 2018-12-18T16:25:59
Href: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11254
Reporter: Google
Issue: 11254
Status: WontFix
Affected software: harfbuzz (version: any)