mysql-server:fuzz_real_query: Memcpy-param-overlap in read_ok_ex

2020-02-10T18:34:54
ID OSSFUZZ-20627
Type ossfuzz
Reporter Google
Modified 2020-05-11T19:57:13

Description

Detailed Report: https://oss-fuzz.com/testcase?key=6322724899389440

Project: mysql-server Fuzzing Engine: libFuzzer Fuzz Target: fuzz_real_query Job Type: libfuzzer_asan_mysql-server Platform Id: linux

Crash Type: Memcpy-param-overlap Crash Address: [0x7ff545cea848,0x2037ff447d7aa51) and [0x625000059913, 0x203624f020e9b1c) Crash State: read_ok_ex cli_read_query_result mysql_real_query

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_asan_mysql-server&revision=202002100540

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6322724899389440

Issue filed automatically.

See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.

**** UNREPRODUCIBLE **** Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days, we've been seeing this crash frequently.

It may be possible to reproduce by trying the following options: - Run testcase multiple times for a longer duration. - Run fuzzing without testcase argument to hit the same crash signature.

If it still does not reproduce, try a speculative fix based on the crash stacktrace and verify if it works by looking at the crash statistics in the report. We will auto-close the bug if the crash is not seen for 14 days.


When you fix this bug, please * mention the fix revision(s). * state whether the bug was a short-lived regression or an old bug in any stable releases. * add any other useful information. This information can help downstream consumers.

If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.