[postgis-tickets] [PostGIS] #4621: oss-fuzz: stack overflow in lwcollection_from_wkb_state
PostGIS
trac at osgeo.org
Thu Jan 16 12:45:46 PST 2020
#4621: oss-fuzz: stack overflow in lwcollection_from_wkb_state
---------------------+---------------------------
Reporter: komzpa | Owner: pramsey
Type: defect | Status: new
Priority: medium | Milestone: PostGIS 3.1.0
Component: postgis | Version: master
Keywords: |
---------------------+---------------------------
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20159
{{{
4 lines omitted
SCARINESS: 10 (stack-overflow)
#0 0x4b5641 in __sanitizer::StackDepotBase<__sanitizer::StackDepotNode, 1, 20>::Put(__sanitizer::StackTrace, bool*) /src/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_stackdepotbase.h:98
#1 0x4b5616 in __sanitizer::StackDepotPut(__sanitizer::StackTrace) /src/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_stackdepot.cpp:98:33
#2 0x41df1e in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) /src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:526:27
#3 0x41d933 in __asan::asan_malloc(unsigned long, __sanitizer::BufferedStackTrace*) /src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:892:34
#4 0x49509b in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:146:10
#5 0x503bb6 in lwcollection_construct_empty /src/postgis/liblwgeom/lwcollection.c:101:8
#6 0x510090 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:674:22
#7 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#8 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#9 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#10 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#11 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#12 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#13 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#14 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#15 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#16 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#17 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#18 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#19 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#20 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#21 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#22 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
#23 0x51012c in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:690:10
483 lines omitted
}}}
--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/4621>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.