libxml2: Heap-buffer-overflow in xmlAddID

2017-02-16T09:19:44
ID OSSFUZZ-598
Type ossfuzz
Reporter Google
Modified 2019-03-04T16:56:33

Description

Project: https://gitlab.gnome.org/GNOME/libxml2.git

Detailed report: https://oss-fuzz.com/testcase?key=4626005117370368

Project: libxml2
Fuzzer: libxml2_xml_read_memory_fuzzer
Job Type: libfuzzer_asan_libxml2
Crash Type: Heap-buffer-overflow WRITE 4
Crash Address: 0x60b000001410
Crash State:
  xmlAddID
  xmlValidateOneNamespace
  xmlSAX2AttributeInternal

Sanitizer: address (ASAN)

Recommended Security Severity: High

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_libxml2&range=201702151035:201702151543

Reproducer Testcase: https://oss-fuzz.com/download/AMIfv94ONCY54t895DIUwAUD0-SN7N6khzcuT67vKHOygdLhLUPH71m7FVPuYHKLyLo2q5GVJp1w6UBAP-k_FhjbzlfPjM3CILumbukqfAsi3ANx1MHSIODojQa-WovY-kPS4q9XY6hOvDT5UigtfYam2D_41h3tt6PpAM11omlquF5APEtjNo7sfMaGd9dw4FDktd7uUrNWjhMnMtUek_5YF7iXdpU_FADlLh4ZeK0WmY0A4bLkKT_CadeaXqr81v76GI4PwGsPK6O2_PxoFXnUgYAkyYTO50Utfvyu0tLN3KDDYD3oh_oVSCH9AzMEQB3ogMWIPzza0q4xFM09sH_yBH03PpggeepL2nCF6EXPCA0OOB_M7rqSHE6jJCjTQ-U1Fz4k5vdoBKQbSxTARw54zNhtMjzGhZI0OZg-PzCp09jsm7APb00?testcase_id=4626005117370368

Issue manually filed by: mmoroz

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.