We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I was running guetzli v1.0, and I encountered an interger overflow bug. The detailed error message is as follows:
guetzli/jpeg_data_writer.cc:494:38: runtime error: shift exponent 32 is too large for 32-bit type 'int' #0 0x563b6bac9ec7 in guetzli::(anonymous namespace)::EncodeDCTBlockSequential(short const*, guetzli::HuffmanCodeTable const&, guetzli::HuffmanCodeTable const&, short*, guetzli::BitWriter*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/jpeg_data_writer.cc:494:38 #1 0x563b6bac9ec7 in guetzli::(anonymous namespace)::EncodeScan(guetzli::JPEGData const&, std::__debug::vector<guetzli::HuffmanCodeTable, std::allocator<guetzli::HuffmanCodeTable> > const&, std::__debug::vector<guetzli::HuffmanCodeTable, std::allocator<guetzli::HuffmanCodeTable> > const&, guetzli::JPEGOutput) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/jpeg_data_writer.cc:529:13 #2 0x563b6bac9ec7 in guetzli::WriteJpeg(guetzli::JPEGData const&, bool, guetzli::JPEGOutput) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/jpeg_data_writer.cc:558:11 #3 0x563b6ba50e9d in guetzli::(anonymous namespace)::Processor::OutputJpeg(guetzli::JPEGData const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/processor.cc:119:8 #4 0x563b6ba67933 in guetzli::(anonymous namespace)::Processor::TryQuantMatrix(guetzli::JPEGData const&, float, int (*) [64], guetzli::OutputImage*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/processor.cc:297:5 #5 0x563b6ba4bb99 in guetzli::(anonymous namespace)::Processor::SelectQuantMatrix(guetzli::JPEGData const&, bool, int (*) [64], guetzli::OutputImage*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/processor.cc:332:22 #6 0x563b6ba4bb99 in guetzli::(anonymous namespace)::Processor::ProcessJpegData(guetzli::Params const&, guetzli::JPEGData const&, guetzli::Comparator*, guetzli::GuetzliOutput*, guetzli::ProcessStats*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/processor.cc:840:10 #7 0x563b6ba4bb99 in guetzli::ProcessJpegData(guetzli::Params const&, guetzli::JPEGData const&, guetzli::Comparator*, guetzli::GuetzliOutput*, guetzli::ProcessStats*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/processor.cc:866:20 #8 0x563b6ba4f7c7 in guetzli::Process(guetzli::Params const&, guetzli::ProcessStats*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*) /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/guetzli/processor.cc:895:13 #9 0x563b6ba10dfa in LLVMFuzzerTestOneInput /data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/BUILD/fuzz_target.cc:22:9 #10 0x563b6b8b3a50 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/build-user/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:614:13 #11 0x563b6b8a6e54 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /home/build-user/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6 #12 0x563b6b8ac367 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/build-user/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:859:9 #13 0x563b6b8c7832 in main /home/build-user/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #14 0x7fb1668be082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 0702430aef5fa3dda43986563e9ffcc47efbd75e) #15 0x563b6b8a3a9d in _start (/data/apr/llmfixed-fuzzer-test-suite/guetzli-2017-3-30/build/guetzli-2017-3-30-fuzzer+0xf4a9d)
Here is the crash poc: crash-2.zip
Thank you for your attention to this matter.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
I was running guetzli v1.0, and I encountered an interger overflow bug.
The detailed error message is as follows:
Here is the crash poc: crash-2.zip
Thank you for your attention to this matter.
The text was updated successfully, but these errors were encountered: