Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

panic in residue_packet_decode_inner #42

Closed
Shnatsel opened this issue Feb 24, 2019 · 2 comments
Closed

panic in residue_packet_decode_inner #42

Shnatsel opened this issue Feb 24, 2019 · 2 comments
Labels
bug

Comments

@Shnatsel
Copy link
Contributor

Shnatsel commented Feb 24, 2019
edited
Loading

lewton panics in residue_packet_decode_inner given crafted input. Error message:
'index 21 out of range for slice of length 16' and similar with varying indices and lengths.

Steps to reproduce:
RUSTFLAGS='--cfg=fuzzing' cargo run --release --example perf /path/to/file.ogg

Sample files triggering the crash: oor-panic-in-residue_packet_decode_inner.zip

Found with AFL.rs.
@est31 est31 added the bug label Feb 24, 2019
@est31
Copy link
Member

est31 commented Feb 26, 2019

Hmm so this bug is weird. When I check whether codebook_dimensions + partition_size > vec_v.len() beforehand, the unit tests start failing. So I need to put the check into the loop :/. Let's just make the error silent.

@est31
Copy link
Member

est31 commented Feb 26, 2019

The repacked test samples are:

est31 added a commit that referenced this issue Feb 26, 2019
@est31
Implement a fix for #42
489948d
@est31 est31 closed this as completed in 0d13bc4 Feb 26, 2019
@est31 est31 mentioned this issue Feb 26, 2019
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Shnatsel @est31