Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ossfuzzGoogleOSSFUZZ-3637
HistoryOct 13, 2017 - 8:07 p.m.

open62541/fuzz_binary_message: Crash in UA_SecureChannel_processChunk

2017-10-1320:07:48
Google
bugs.chromium.org
7
JSON

Project:
https://github.com/open62541/open62541.git

Detailed report: https://oss-fuzz.com/testcase?key=6734765949452288

Project: open62541
Fuzzer: libFuzzer_open62541_fuzz_binary_message
Fuzz target binary: fuzz_binary_message
Job Type: libfuzzer_ubsan_open62541
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000003444000
Crash State:
UA_SecureChannel_processChunk
UA_Connection_processChunks
UA_Server_processBinaryMessage

Sanitizer: undefined (UBSAN)

Recommended Security Severity: Medium

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_ubsan_open62541&range=201710110532:201710111700

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6734765949452288

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.

When you fix this bug, please

  • mention the fix revision(s).
  • state whether the bug was a short-lived regression or an old bug in any stable releases.
  • add any other useful information.
    This information can help downstream consumers.

If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.

JSON