Issue 13590: tesseract-ocr/fuzzer-api: Heap-buffer-overflow in GenericVector<int>::size #2298
Comments
|
This crash happens very often in the fuzzing test. It seems to be caused by Tesseract using the wrong unicharset, so tessdata_best, tessdata_fast and the initial revision of tessdata are not affected. It can occur with traineddata which includes different unicharsets for legacy and LSTM recognizers. The fuzzer uses tessdata/eng.traineddata where eng.lstm-unicharset has 112 entries while eng.unicharset has 113 entries. It tries to get entry 112 which only exists in the legacy unicharset. Obviously PR #1954 did not fix all code locations. |
stweil
added a commit
to stweil/tesseract
that referenced
this issue
Mar 10, 2019
…-ocr#2298) Credit to OSS-Fuzz: This fixes an issue which was reported by OSS-Fuzz: Add also some assertions to catch similar bugs. Signed-off-by: Stefan Weil <sw@weilnetz.de>
stweil
added a commit
to stweil/tesseract
that referenced
this issue
Mar 10, 2019
…-ocr#2298) Credit to OSS-Fuzz: This fixes a security issue which was reported by OSS-Fuzz, see details at https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13590. Add also some assertions to catch similar bugs. Signed-off-by: Stefan Weil <sw@weilnetz.de>
zdenop
added a commit
that referenced
this issue
Mar 10, 2019
Fix Heap-buffer-overflow in GenericVector<int>::size (issue #2298)
|
Pull request #2305 fixed this issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
OSS Fuzz reports a security issue.
The text was updated successfully, but these errors were encountered: