lcms: Heap-buffer-overflow in BilinearInterpFloat

2017-01-12T23:58:46
ID OSSFUZZ-406
Type ossfuzz
Reporter Google
Modified 2017-02-24T03:32:44

Description

Project: https://github.com/mm2/Little-CMS.git

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4979939312926720

Project: lcms
Fuzzer: libFuzzer_lcms_cms_transform_fuzzer
Fuzz target binary: cms_transform_fuzzer
Job Type: libfuzzer_asan_lcms
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 4
Crash Address: 0x6030000005a0
Crash State:
  BilinearInterpFloat
  EvaluateCLUTfloat
  _LUTevalFloat

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Minimized Testcase (1.34 Kb): https://clusterfuzz-external.appspot.com/download/AMIfv94j0mldegALmF803ta4AZzuER2bs75rR0D_RtWKjnZtUFnwt8w-tx7ukwDHahyTkuR4Ce3gnZp-0fC6TfvwBjXeM0MexCNUp7pt8dKIrePGzaR_-NiEkzbwA3x5goApZzV0pmg2P6v3IrS4kiwZ0vH6Y8ixDpbugf00Igbt3KvmwzSgkwXdV0RD5WAVqPZWLhhSP2JJ9iKM1lCEHsFc-xSCIatxr9t_SymWxgz7gDjZGTf8S6_J3bhe2KaS665cO5DcmOnqXfkywtobxfZzu4tj5mQrH20XCfWDEN1jwGuUfPp9xQ45wjSwmPKqjP_QSwyFYNIwOzfwVVRofN6FfBxMZwPBNsm3Eo_3mZJqCJ7Wlm2L8zkedO1k-DDxActVlatB2kbxv-B8c5O2_pcrrdOA-e1WRDV8yDNO9J3j7gGHokUcIFI?testcase_id=4979939312926720

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.