harfbuzz/hb-subset-fuzzer: Stack-use-after-return in BEInt<unsigned short, 2>::operator unsigned short

Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5669437462544384 Project: harfbuzz Fuzzer: aflharfbuzzhb-subset-fuzzer Fuzz target binary: hb-subset-fuzzer Job Type: aflasanharfbuzz Platform Id: linux Crash Type: Stack-use-after-return READ 1...

harfbuzz/hb-subset-fuzzer: Heap-buffer-overflow in OT::LigatureSubstFormat1::closure

Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5651059347816448 Project: harfbuzz Fuzzer: aflharfbuzzhb-subset-fuzzer Fuzz target binary: hb-subset-fuzzer Job Type: aflasanharfbuzz Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Cra...

ffmpeg/ffmpeg_AV_CODEC_ID_MPEG4_fuzzer: Heap-buffer-overflow in get_bits

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5766801384800256 Project: ffmpeg Fuzzer: aflffmpegAVCODECIDMPEG4fuzzer Fuzz target binary: ffmpegAVCODECIDMPEG4fuzzer Job Type: aflasanffmpeg Platform Id: linux Crash Type: Heap-buffer-overflow READ 4...

poppler/pdf_fuzzer: Use-of-uninitialized-value in SampledFunction::transform

Detailed report: https://oss-fuzz.com/testcase?key=5728147954204672 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: SampledFunction::transform...

imagemagick/encoder_label_fuzzer: Use-of-uninitialized-value in GetNextUTFCode

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5653291170529280 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderlabelfuzzer Fuzz target binary: encoderlabelfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

graphicsmagick/coder_MVG_fuzzer: Stack-buffer-overflow in TranslateTextEx

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5158172004712448 Project: graphicsmagick Fuzzer: aflgraphicsmagickcoderMVGfuzzer Fuzz target binary: coderMVGfuzzer Job Type: aflasangraphicsmagick Platform Id: linux Crash Type:...

radare2/ia_fuzz: Crash in r_bin_mdmp_init_directory_entry

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5730103170957312 Project: radare2 Fuzzer: libFuzzerradare2iafuzz Fuzz target binary: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x61910000fbff...

mupdf/pdf_fuzzer: Use-of-uninitialized-value in jbig2_decode_generic_template3

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5645021143891968 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

poppler/pdf_fuzzer: Use-of-uninitialized-value in clip01

Detailed report: https://oss-fuzz.com/testcase?key=5647387350532096 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: clip01...

envoy/header_map_impl_fuzz_test: Heap-buffer-overflow in Envoy::StringUtil::itoa

Project: https://github.com/envoyproxy/envoy.git Detailed report: https://oss-fuzz.com/testcase?key=5689833624698880 Project: envoy Fuzzer: libFuzzerenvoyheadermapimplfuzztest Fuzz target binary: headermapimplfuzztest Job Type: libfuzzerasanenvoy Platform Id: linux Crash Type: Heap-buffer-overflo...

zlib-ng/compress_fuzzer: Crash in quick_send_bits

Project: https://github.com/sebpop/zlib-ng.git https://github.com/zlib-ng/zlib-ng.git Detailed report: https://oss-fuzz.com/testcase?key=5694515942785024 Project: zlib-ng Fuzzer: libFuzzerzlib-ngcompressfuzzer Fuzz target binary: compressfuzzer Job Type: libfuzzermsanzlib-ng Platform Id: linux...

radare2/ia_fuzz: Heap-buffer-overflow in sections

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5673375310020608 Project: radare2 Fuzzer: libFuzzerradare2iafuzz Fuzz target binary: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address:...

ecc-diff-fuzzer/fuzz_ec: Unknown signal in __gmpn_sqr_basecase

Detailed report: https://oss-fuzz.com/testcase?key=5661474291187712 Project: ecc-diff-fuzzer Fuzzer: libFuzzerecc-diff-fuzzerfuzzec Fuzz target binary: fuzzec Job Type: libfuzzerubsanecc-diff-fuzzer Platform Id: linux Crash Type: Unknown signal Crash Address: 0x000000b0bc50 Crash State:...

envoy/h1_capture_fuzz_test: Heap-use-after-free in std::__1::shared_ptr<Envoy::Network::Address::Instance const>::shared_ptr

Detailed report: https://oss-fuzz.com/testcase?key=6231939177512960 Project: envoy Fuzzer: libFuzzerenvoyh1capturefuzztest Fuzz target binary: h1capturefuzztest Job Type: libfuzzerasanenvoy Platform Id: linux Crash Type: Heap-use-after-free READ 8 Crash Address: 0x60500077ea00 Crash State:...

file/magic_fuzzer: Use-of-uninitialized-value in json_parse_array

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=5157169010835456 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzermsanfile Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

skia/animated_image_decode: Heap-buffer-overflow in swizzle_rgba16_to_bgra_premul

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5728303109898240 Project: skia Fuzzer: aflskiaanimatedimagedecode Fuzz target binary: animatedimagedecode Job Type: aflasanskia Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash...

graphicsmagick/coder_TIFF_fuzzer: Use-of-uninitialized-value in DisassociateAlphaRegion

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5645145226608640 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderTIFFfuzzer Fuzz target binary: coderTIFFfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...

curl/curl_fuzzer_http: NULL

Project: https://github.com/curl/curl.git Detailed report: https://oss-fuzz.com/testcase?key=5101396595572736 Project: curl Fuzzer: libFuzzercurlfuzzerhttp Fuzz target binary: curlfuzzerhttp Job Type: libfuzzerubsancurl Platform Id: linux Crash Type: Null-dereference READ Crash Address:...

poppler/pdf_fuzzer: Use-of-uninitialized-value in SplashOutputDev::alphaImageSrc

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5769842689835008 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type:...

zlib-ng/compress_fuzzer: Negative-size-param in compress_fuzzer.c

Project: https://github.com/sebpop/zlib-ng.git https://github.com/zlib-ng/zlib-ng.git Detailed report: https://oss-fuzz.com/testcase?key=4634639783165952 Project: zlib-ng Fuzzer: libFuzzerzlib-ngcompressfuzzer Fuzz target binary: compressfuzzer Job Type: libfuzzerasanzlib-ng Platform Id: linux...

freetype2/cff-render: Heap-buffer-overflow in tt_face_palette_set

Detailed report: https://oss-fuzz.com/testcase?key=5278718313365504 Project: freetype2 Fuzzer: aflfreetype2cff-render Fuzz target binary: cff-render Job Type: aflasanfreetype2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x61f0000028d8 Crash State: ttfacepaletteset...

file/magic_fuzzer: Use-of-uninitialized-value in json_parse_number

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=5071138936848384 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzermsanfile Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

openvswitch/ofp_print_fuzzer: Heap-use-after-free in ofpact_finish_CLONE

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5722747668791296 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

mupdf/pdf_fuzzer: Heap-use-after-free in pdf_copy_pattern_gstate

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5748743025459200 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Heap-use-after-free READ Crash Address: 0x62d0000136c8 Cras...

mupdf/pdf_fuzzer: Stack-buffer-underflow in ps_index

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=6241403096006656 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Stack-buffer-underflow READ 8 Crash Address: 0x7fde52864418...

radare2/ia_fuzz: Heap-buffer-overflow in r_bin_mdmp_init_pe_bins

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5750576389292032 Project: radare2 Fuzzer: aflradare2iafuzz Fuzz target binary: iafuzz Job Type: aflasanradare2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Crash Address: 0x61d00002d8a0...

openvswitch/ofp_print_fuzzer: Heap-double-free in ofputil_pull_ofp15_group_mod

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5677588436484096 Project: openvswitch Fuzzer: aflopenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: aflasanopenvswitch Platform Id: linux Crash Type: Heap-double-free Crash...

freetype2/cff: Heap-buffer-overflow in cff_parser_run

Detailed report: https://oss-fuzz.com/testcase?key=5731555572973568 Project: freetype2 Fuzzer: libFuzzerfreetype2cff Fuzz target binary: cff Job Type: libfuzzerasanfreetype2 Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1 Crash Address: 0x6080000005f3 Crash State: cffparserrun...

graphicsmagick/coder_MAT_fuzzer: Use-of-uninitialized-value in WriteBlob

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=4847485762666496 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderMATfuzzer Fuzz target binary: coderMATfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...

file/magic_fuzzer: Heap-buffer-overflow in json_parse_string

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=4844153304252416 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzerasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

libreoffice/ww8fuzzer: Heap-buffer-overflow in SVBT16ToShort

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5729529975799808 Project: libreoffice Fuzzer: afllibreofficeww8fuzzer Fuzz target binary: ww8fuzzer Job Type: aflasanlibreoffice Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...

radare2/ia_fuzz: Heap-buffer-overflow in r_sleb128

Detailed report: https://oss-fuzz.com/testcase?key=6276422388678656 Project: radare2 Fuzzer: aflradare2iafuzz Fuzz target binary: iafuzz Job Type: aflasanradare2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x62b00002968b Crash State: rsleb128 parsedexclassmethod...

libreoffice/ww8fuzzer: Heap-buffer-overflow in rtl_uStringbuffer_insert

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6235706568474624 Project: libreoffice Fuzzer: libFuzzerlibreofficeww8fuzzer Fuzz target binary: ww8fuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type: Heap-buffer-overfl...

radare2/ia_fuzz: Crash in sections

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5669401876496384 Project: radare2 Fuzzer: libFuzzerradare2iafuzz Fuzz target binary: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x6170fffe5484...

unrar/unrar_fuzzer: Negative-size-param in QuickOpen::ReadRaw

Project: https://github.com/aawc/unrar.git Detailed report: https://oss-fuzz.com/testcase?key=6239488958267392 Project: unrar Fuzzer: libFuzzerunrarfuzzer Fuzz target binary: unrarfuzzer Job Type: libfuzzerasanunrar Platform Id: linux Crash Type: Negative-size-param Crash Address: Crash State:...

libreoffice/ww6fuzzer: Bad-cast to SwNode from invalid vptr in SwTable::GetTableNode

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6192777900589056 Project: libreoffice Fuzzer: libFuzzerlibreofficeww6fuzzer Fuzz target binary: ww6fuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash...

libreoffice/docxfuzzer: Crash in IMPL_RTL_ACQUIRE

Detailed report: https://oss-fuzz.com/testcase?key=5742725021302784 Project: libreoffice Fuzzer: libFuzzerlibreofficedocxfuzzer Fuzz target binary: docxfuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000a00000002 Crash State: IMPLRTLACQUIRE...

freetype2/cff-ftengine: Stack-buffer-overflow in cff_parser_run

Detailed report: https://oss-fuzz.com/testcase?key=5723673720782848 Project: freetype2 Fuzzer: aflfreetype2cff-ftengine Fuzz target binary: cff-ftengine Job Type: aflasanfreetype2 Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7fa252831e10 Crash State: cffparserrun...

libreoffice/ww6fuzzer: Bad-cast to SwIndexReg from invalid vptr in SwIndex::Remove

Detailed report: https://oss-fuzz.com/testcase?key=6290151587184640 Project: libreoffice Fuzzer: libFuzzerlibreofficeww6fuzzer Fuzz target binary: ww6fuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash Address: 0x000012e6bed8 Crash State: Bad-cast to SwIndexRe...

libreoffice/ww6fuzzer: Bad-cast to SwNodeSwTable::GetTableNode in SwChartLockController_Helper::LockUnlockAllCharts

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6651521981743104 Project: libreoffice Fuzzer: libFuzzerlibreofficeww6fuzzer Fuzz target binary: ww6fuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash...

chakra: Crash in Js::PathTypeHandlerBase::AddPropertyInternal

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6042404720214016 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x5617b9e05560 Crash State:...

libreoffice/ww6fuzzer: Heap-use-after-free in SwIndex::Remove

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5701931421925376 Project: libreoffice Fuzzer: libFuzzerlibreofficeww6fuzzer Fuzz target binary: ww6fuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type: Heap-use-after-fre...

file/magic_fuzzer: Heap-buffer-overflow in json_parse_object

Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=4855426351890432 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzerasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

unrar/unrar_fuzzer: Crash in __msan_memcpy.part.51

Project: https://github.com/aawc/unrar.git Detailed report: https://oss-fuzz.com/testcase?key=5766983634124800 Project: unrar Fuzzer: libFuzzerunrarfuzzer Fuzz target binary: unrarfuzzer Job Type: libfuzzermsanunrar Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x72ffffffffe0 Crash...

glib/fuzz_variant_binary: Use-of-uninitialized-value in gvs_tuple_is_normal

Project: https://gitlab.gnome.org/GNOME/glib.git Detailed report: https://oss-fuzz.com/testcase?key=5995691548606464 Project: glib Fuzzer: libFuzzerglibfuzzvariantbinary Fuzz target binary: fuzzvariantbinary Job Type: libfuzzermsanglib Platform Id: linux Crash Type: Use-of-uninitialized-value Cra...

radare2/ia_fuzz: Heap-buffer-overflow in r_read_le32

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=4788899019751424 Project: radare2 Fuzzer: aflradare2iafuzz Fuzz target binary: iafuzz Job Type: aflasanradare2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x62f0000607f6...

zlib-ng/compress_fuzzer: Use-of-uninitialized-value in deflate_medium

Project: https://github.com/sebpop/zlib-ng.git https://github.com/zlib-ng/zlib-ng.git Detailed report: https://oss-fuzz.com/testcase?key=6268121894617088 Project: zlib-ng Fuzzer: libFuzzerzlib-ngcompressfuzzer Fuzz target binary: compressfuzzer Job Type: libfuzzermsanzlib-ng Platform Id: linux...

glib/fuzz_variant_binary: Heap-buffer-overflow in g_variant_serialiser_is_string

Project: https://gitlab.gnome.org/GNOME/glib.git Detailed report: https://oss-fuzz.com/testcase?key=6508931483435008 Project: glib Fuzzer: aflglibfuzzvariantbinary Fuzz target binary: fuzzvariantbinary Job Type: aflasanglib Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

zlib-ng/compress_fuzzer: Crash in fizzle_matches

Project: https://github.com/sebpop/zlib-ng.git https://github.com/zlib-ng/zlib-ng.git Detailed report: https://oss-fuzz.com/testcase?key=5177910347431936 Project: zlib-ng Fuzzer: libFuzzerzlib-ngcompressfuzzer Fuzz target binary: compressfuzzer Job Type: libfuzzermsanzlib-ng Platform Id: linux...

glib/fuzz_dbus_message: Use-of-uninitialized-value in g_dbus_message_new_from_blob

Project: https://gitlab.gnome.org/GNOME/glib.git Detailed report: https://oss-fuzz.com/testcase?key=5649572817797120 Project: glib Fuzzer: libFuzzerglibfuzzdbusmessage Fuzz target binary: fuzzdbusmessage Job Type: libfuzzermsanglib Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...