[libdvdnav-devel] Crashes with corrupt ISO
Steve Dibb
beandog at gentoo.org
Mon Jan 5 00:26:00 CET 2015
On Wed, 24 Dec 2014 09:40:54 +0100
Thomas Lindroth <thomas.lindroth at gmail.com> wrote:
> On 12/23/2014 05:51 PM, Steve Dibb wrote:
> > Agreed. I'm willing to take it on, but having broken sources make
> > life a lot easier sometimes, so if you have more, post them here or
> > send them my way and I'll debug them.
> Excellent. I used lsdvd as a front end to libdvdread when I did the
> fuzzing. Unfortunately this means that some of the crashes I found are
> not in libdvdread but in lsdvd. I see that you are the author of
> dvd_info so I reused the crash data I had and re-ran the fuzzer with
> dvd_info as front end instead.
Awesome, thanks. :D
> Here is a collection of about 300 crashes with dvd_info. The afl-fuzz
> claim they are all unique but that usually just means the same bug is
> triggered by many different code paths. The filenames say what kind of
> crash it is. Signal 6 crashes are usually libc double free or
> corruption aborts but they can also be out of memory errors. I ran
> the fusser with a 1G ulimit because it's not reasonable for it to use
> more memory. Latest git was used.
>
> https://www.dropbox.com/s/h1x6laz1jsapk3a/crashes.tar.xz
>
> If you fix these crashes I'll re-run the fuzzer for a longer period of
> time to find more obscure problems. These should keep you busy for a
> while.
Thanks, man, this is great stuff. One question: how do you determine
whether the bug is in dvd_info or libdvdread?
Steve
More information about the libdvdnav-devel
mailing list