[ntp:security] Issue 31601 in oss-fuzz: ntp:fuzz_ntpd_receive: Unexpected-exit in create_wildcards

ClusterFuzz-External via monorail monorail+v2.382749006 at chromium.org
Tue Mar 2 14:50:59 UTC 2021


Status: New
Owner: ----
CC: secur... at ntp.org, p.ant... at catenacyber.fr 
Labels: Restrict-View-Commit ClusterFuzz Unreproducible Engine-libfuzzer OS-Linux Proj-ntp Reported-2021-03-02
Type: Bug

New issue 31601 by ClusterFuzz-External: ntp:fuzz_ntpd_receive: Unexpected-exit in create_wildcards
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31601

Detailed Report: https://oss-fuzz.com/testcase?key=6215655529512960

Project: ntp
Fuzzing Engine: libFuzzer
Fuzz Target: fuzz_ntpd_receive
Job Type: libfuzzer_msan_ntp
Platform Id: linux

Crash Type: Unexpected-exit
Crash Address: 
Crash State:
  create_wildcards
  create_sockets
  io_open_sockets
  
Sanitizer: memory (MSAN)

Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_msan_ntp&revision=202102170630

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6215655529512960

Issue filed automatically.

See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.

************************* UNREPRODUCIBLE *************************
Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days, we've been seeing this crash frequently.

It may be possible to reproduce by trying the following options:
- Run testcase multiple times for a longer duration.
- Run fuzzing without testcase argument to hit the same crash signature.

If it still does not reproduce, try a speculative fix based on the crash stacktrace and verify if it works by looking at the crash statistics in the report. We will auto-close the bug if the crash is not seen for 14 days.
******************************************************************
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.

If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.

-- 
You received this message because:
  1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20210302/09a9242b/attachment.html>


More information about the security mailing list