This repository has been archived by the owner on Sep 3, 2020. It is now read-only.

fix bugs madler#186 and madler#191, oss-fuzz/9831: use-of-uninitialized-value

==1==WARNING: MemorySanitizer: use-of-uninitialized-value
  #0 0x59fa93 in deflate_medium zlib-ng/deflate_medium.c:259:21
  #1 0x590905 in zng_deflate zlib-ng/deflate.c:951:18
  #2 0x587095 in zng_compress2 zlib-ng/compress.c:59:15
  #3 0x5866e3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:18:3
  #4 0x5862fd in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:38:3
  #5 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15
  #6 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
  #7 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9
  #8 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10
  #9 0x7fea2fea482f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
  #10 0x41ec68 in _start
Uninitialized value was created by a heap allocation
  #0 0x45f2a0 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:910
  #1 0x587d42 in zng_deflateInit2_ zlib-ng/deflate.c:284:27
  #2 0x5874fa in zng_deflateInit_ zlib-ng/deflate.c:224:12
  #3 0x586c95 in zng_compress2 zlib-ng/compress.c:41:11
  #4 0x5866e3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:18:3
  #5 0x5862fd in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:38:3
  #6 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15
  #7 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
  #8 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9
  #9 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10
  #10 0x7fea2fea482f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
Sebastian Pop authored and Dead2 committed Sep 17, 2018
1 parent 11989c9 commit cf1e67e
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions deflate.c
@@ -1150,6 +1150,7 @@ static void lm_init(deflate_state *s) {
s->insert = 0;
s->match_length = s->prev_length = MIN_MATCH-1;
s->match_available = 0;
s->match_start = 0;
s->ins_h = 0;
}
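Review bot: the one-line fix is in the right place, since lm_init already resets the sibling per-match fields (match_length, prev_length, match_available, ins_h) and match_start was the only one left to whatever malloc returned in zng_deflateInit2_ (deflate.c:284), but the commit adds no regression test. The report was reached through test/fuzz/compress_fuzzer.c via zng_compress2 and the uninitialized read is at deflate_medium.c:259, so consider checking in the triggering input as a fuzz-corpus regression case so an MSan build keeps covering the deflate_medium path. It would also help to state in the commit message which use of match_start at deflate_medium.c:259 consumed the uninitialized value, since the sanitizer trace alone does not name the field.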


0 comments on commit cf1e67e