Out-of-range panic in gif::Decoder::into_frames() #876
Comments
I've filed this issue here because the backtrace points to a function in
I believe this may be fixed now, can't reproduce this. I'm running
Nice, I'll re-run AFL with my fuzzing seeds and see if it uncovers anything else. AFL is much (10x) faster if you're only looking for panics because it doesn't require address sanitizer or any other expensive sanitizers to be enabled.
Still seems to require changing the linker to
Nope. If you're getting crashes from AFL you can't reproduce, you're probably hitting a memory limit - the fuzzer treats this as a crash. Try specifying a larger value for the -m parameter for AFL.
Well I did just test that, and I even tested actively updating to
Oh! Make sure you're setting
I can no longer reproduce this issue as of ac93e75, closing. I'll leave afl overnight to look for other panics.
The attached test samples trigger a panic in gif::Decoder::into_frames()
Attachment: gif-oor.zip
Code for reproducing the issue:
This bug is similar to, but distinct from #816. The attached testcases still cause crashes on latest git master (as of commit 865d2fc) while the testcase from #816 does not.
Found with AFL.rs
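The page does not say what the panic in gif::Decoder::into_frames() actually is, and the reproduction code is missing from the report, so the following is an added illustration rather than the gif crate's code or the issue's own test case. It shows the general bug class a fuzzer like AFL.rs surfaces in image decoders (indexing driven by header-declared dimensions that the file does not back up), a hardened version of the same routine using checked arithmetic and bounds-checked slicing, and the catch_unwind wrapper a panic-hunting harness uses to classify each input as decoded, rejected or panicked. The toy format is constructed for the example: it borrows only the 6-byte GIF signature and the little-endian u16 logical-screen width and height, followed directly by width*height payload bytes; everything else about real GIF decoding is omitted.

```rust
// Added example, not the gif crate's code. The format, samples and
// decoder functions below are constructed for illustration only.
use std::panic::{catch_unwind, AssertUnwindSafe};

/// How a fuzz harness would record the result of one decode attempt.
#[derive(Debug, PartialEq)]
pub enum Outcome {
    Decoded { width: u16, height: u16, pixels: usize },
    Rejected(String),
    Panicked,
}

/// Parse the signature and the logical screen width/height (two little-endian
/// u16 values, as in a real GIF header). Payload is assumed to start at byte 10.
fn parse_header(data: &[u8]) -> Result<(u16, u16), String> {
    if data.len() < 10 {
        return Err("truncated header".to_string());
    }
    if &data[0..6] != b"GIF89a" && &data[0..6] != b"GIF87a" {
        return Err("bad signature".to_string());
    }
    let width = u16::from_le_bytes([data[6], data[7]]);
    let height = u16::from_le_bytes([data[8], data[9]]);
    Ok((width, height))
}

/// Naive decoder: trusts the declared dimensions and slices the payload directly.
/// On a truncated file `10 + n` exceeds `data.len()` and the slice index panics.
pub fn decode_naive(data: &[u8]) -> Result<(u16, u16, usize), String> {
    let (w, h) = parse_header(data)?;
    let n = w as usize * h as usize;
    let pixels = &data[10..10 + n]; // out-of-range panic when the payload is short
    Ok((w, h, pixels.len()))
}

/// Hardened decoder: checked arithmetic and `get()` turn the same input into an Err.
pub fn decode_checked(data: &[u8]) -> Result<(u16, u16, usize), String> {
    let (w, h) = parse_header(data)?;
    let n = (w as usize).checked_mul(h as usize).ok_or("dimension overflow")?;
    let end = 10usize.checked_add(n).ok_or("length overflow")?;
    let pixels = data.get(10..end).ok_or_else(|| {
        format!(
            "declared {}x{} pixels but only {} payload bytes",
            w, h, data.len().saturating_sub(10)
        )
    })?;
    Ok((w, h, pixels.len()))
}

/// Harness wrapper: run one decoder on one input and classify what happened.
/// A panic is caught here so the harness can report it instead of dying.
pub fn run_case<F>(decoder: F, data: &[u8]) -> Outcome
where
    F: Fn(&[u8]) -> Result<(u16, u16, usize), String>,
{
    match catch_unwind(AssertUnwindSafe(|| decoder(data))) {
        Ok(Ok((width, height, pixels))) => Outcome::Decoded { width, height, pixels },
        Ok(Err(e)) => Outcome::Rejected(e),
        Err(_) => Outcome::Panicked,
    }
}

/// Constructed sample: header declares 4x4 pixels but only 3 payload bytes follow.
pub fn truncated_sample() -> Vec<u8> {
    let mut v = b"GIF89a".to_vec();
    v.extend_from_slice(&4u16.to_le_bytes());
    v.extend_from_slice(&4u16.to_le_bytes());
    v.extend_from_slice(&[0, 1, 2]);
    v
}

/// Constructed sample: header declares 2x2 pixels and exactly 4 payload bytes follow.
pub fn wellformed_sample() -> Vec<u8> {
    let mut v = b"GIF89a".to_vec();
    v.extend_from_slice(&2u16.to_le_bytes());
    v.extend_from_slice(&2u16.to_le_bytes());
    v.extend_from_slice(&[0, 1, 2, 3]);
    v
}

fn main() {
    // Silence the default panic message so the classification output stays readable.
    std::panic::set_hook(Box::new(|_| {}));
    for (name, data) in [("truncated", truncated_sample()), ("wellformed", wellformed_sample())] {
        println!(
            "{}: naive={:?} checked={:?}",
            name,
            run_case(decode_naive, &data),
            run_case(decode_checked, &data)
        );
    }
}
```

The naive and hardened decoders accept the same well-formed input; they differ only on the truncated sample, where the naive one panics (the kind of finding AFL reports as a crash) and the hardened one returns a descriptive error. In a real harness the `run_case` wrapper would be fed each file from the fuzzer's output directory so that genuine panics can be separated from the memory-limit crashes the comments above discuss.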