
Assertion error (OSS-Fuzz 868) #516

Closed
@nlohmann

Description

Detailed report: https://oss-fuzz.com/testcase?key=4821044789510144

Project: json
Fuzzer: libFuzzer_json_parse_msgpack_fuzzer
Fuzz target binary: parse_msgpack_fuzzer
Job Type: libfuzzer_ubsan_json
Platform Id: linux

Crash Type: ASSERT
Crash Address: 
Crash State:
j1 == j2

Sanitizer: undefined (UBSAN)

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_ubsan_json&range=201703121620:201703131620

Reproducer Testcase: https://oss-fuzz.com/download/AMIfv95r3siDN2ltToQ5vN36W9lve3Ln8EXjFiROzufTiDX1Y4GYkxsXvg5nIbXABtyUXl4dfW-Fn_pmbCc_1r3VfsyfzpeEp0MTaFe3oIQTKSt7YgrLUVxGZmR8fB1C6MIUA4DyNVwsjf1HC4arVV-O5g31YbYleidY5uzC8KQilSkYNIjQYdDmaUJUKfHe5zig5uS6gevOeIW3RIcIMrAjJgf7Uoz03CxVxO1CYhmrJuoAx4JZOeAWmRE0u8UCa9XHLrm_l1kei87ufEplTIOYlXFGDzxcMtM0UqIHY4WW5XWjHGp_QnZSLMNDBeqGIhlCpMcUuEETwU0Yqo0PJnZAwG2EkmvPJVADA28pdK1WuxyZdGaPvlG8nzFf40TQ8J80h7M67Ouh?testcase_id=4821044789510144


Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.

Running command: /mnt/scratch0/clusterfuzz/slave-bot/builds/clusterfuzz-builds_json_3dc7f07cae4ab217c21b70d40f93a3acccc6b431/revisions/parse_msgpack_fuzzer -runs=100 -rss_limit_mb=2048 -timeout=25 /fuzz-3-json_parse_msgpack_fuzzer
WARNING: Failed to find function "__sanitizer_print_stack_trace".
INFO: Seed: 3357778421
INFO: Loaded 1 modules (824 guards): [0x7399b0, 0x73a690),
/mnt/scratch0/clusterfuzz/slave-bot/builds/clusterfuzz-builds_json_3dc7f07cae4ab217c21b70d40f93a3acccc6b431/revisions/parse_msgpack_fuzzer: Running 1 inputs 100 time(s) each.
Running: /fuzz-3-json_parse_msgpack_fuzzer
parse_msgpack_fuzzer: src/fuzzer-parse_msgpack.cpp:45: int LLVMFuzzerTestOneInput(const uint8_t *, size_t): Assertion `j1 == j2' failed.
==1== ERROR: libFuzzer: deadly signal
NOTE: libFuzzer has rudimentary signal handlers.
Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal

clusterfuzz-testcase-4821044789510144.zip
