libreoffice/mmlfuzzer: Heap-use-after-free in sax_fastparser::FastSaxParserImpl::callbackStartElement

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6282740317028352 Project: libreoffice Fuzzer: libFuzzerlibreofficemmlfuzzer Fuzz target binary: mmlfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type: Heap-use-after-fre...

libreoffice/mmlfuzzer: Bad-cast to SmXMLImport from SvXMLImport in SmXMLImportContext::GetSmImport

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5722250335485952 Project: libreoffice Fuzzer: libFuzzerlibreofficemmlfuzzer Fuzz target binary: mmlfuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash...

libreoffice/mmlfuzzer: Heap-buffer-overflow in SmXMLTableContext_Impl::EndElement

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6605675816812544 Project: libreoffice Fuzzer: libFuzzerlibreofficemmlfuzzer Fuzz target binary: mmlfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type: Heap-buffer-overfl...

libreoffice/mmlfuzzer: Bad-cast to SmStructureNode from SmMathSymbolNode in SmXMLTableContext_Impl::EndElement

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6148484173398016 Project: libreoffice Fuzzer: libFuzzerlibreofficemmlfuzzer Fuzz target binary: mmlfuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash...