[llvm-bugs] Issue 18456 in oss-fuzz: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex
Updates: Labels: ClusterFuzz-Verified Status: Verified Comment #5 on issue 18456 by ClusterFuzz-External: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18456#c5 ClusterFuzz testcase 5647561683107840 is verified as fixed in https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=202308130621:202308200617 If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18456 in oss-fuzz: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex
Updates: Cc: jo...@devlieghere.com Comment #4 on issue 18456 by ClusterFuzz-External: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18456#c4 (No comment was entered for this change.) -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18456 in oss-fuzz: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex
Updates: Cc: sammcc...@google.com Comment #3 on issue 18456 by ClusterFuzz-External: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18456#c3 (No comment was entered for this change.) -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18456 in oss-fuzz: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex
Updates: Labels: Deadline-Approaching Comment #2 on issue 18456 by sheriff...@chromium.org: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18456#c2 This bug is approaching its deadline for being fixed, and will be automatically derestricted within 7 days. If a fix is planned within 2 weeks after the deadline has passed, a grace extension can be granted. - Your friendly Sheriffbot -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18456 in oss-fuzz: llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com,
igm...@gmail.com, d...@google.com, mit...@google.com,
bigchees...@gmail.com, eney...@google.com, llvm-b...@lists.llvm.org,
j...@chromium.org, v...@apple.com, mitchphi...@outlook.com,
xpl...@gmail.com, akils...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible
Engine-libfuzzer OS-Linux Proj-llvm Security_Severity-High
Reported-2019-10-22
Type: Bug-Security
New issue 18456 by ClusterFuzz-External: llvm:clang-objc-fuzzer:
Heap-use-after-free in clang::TokenLexer::Lex
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18456
Detailed Report: https://oss-fuzz.com/testcase?key=5647561683107840
Project: llvm
Fuzzing Engine: libFuzzer
Fuzz Target: clang-objc-fuzzer
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: Heap-use-after-free READ {*}
Crash Address: 0x63402840
Crash State:
clang::TokenLexer::Lex
clang::Preprocessor::Lex
clang::Parser::ParseObjCMethodDefinition
Sanitizer: address (ASAN)
Recommended Security Severity: High
Regressed:
https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201910210337:201910220425
Reproducer Testcase:
https://oss-fuzz.com/download?testcase_id=5647561683107840
Issue filed automatically.
See https://google.github.io/oss-fuzz/advanced-topics/reproducing for
instructions to reproduce this bug locally.
When you fix this bug, please
* mention the fix revision(s).
* state whether the bug was a short-lived regression or an old bug in any
stable releases.
* add any other useful information.
This information can help downstream consumers.
If you need to contact the OSS-Fuzz team with a question, concern, or any
other feedback, please file an issue at
https://github.com/google/oss-fuzz/issues. Comments on individual Monorail
issues are not monitored.
--
You received this message because:
1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Reply to this email to add a comment.
___
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
