Describe the bug
UBSAN: runtime error: signed integer overflow: -126340289 * 17 cannot be represented in type 'int'
and
UBSAN: runtime error: signed integer overflow: -2147450975 + -32767 cannot be represented in type 'int'
To Reproduce
Built stb according to the oss-fuzz script with CXXFLAGS='-O1 -fsanitize=address -fsanitize=array-bounds,bool,builtin,enum,float-divide-by-zero,function,integer-divide-by-zero,null,object-size,return,returns-nonnull-attribute,shift,signed-integer-overflow,unreachable,vla-bound,vptr'
UBSAN Output
$ ./stbi_read_fuzzer ./id:000130,sig:06,src:002266+002478,time:16238914,op:splice,rep:16,trial:1492432
INFO: Seed: 1429753284
INFO: Loaded 1 modules (6883 inline 8-bit counters): 6883 [0x5e1b33, 0x5e3616),
INFO: Loaded 1 PC tables (6883 PCs): 6883 [0x573228,0x58e058),
../cve_exp/work_LIBFUZZER_HELPER_STB_STBI_READ_FUZZER/out/stbi_read_fuzzer: Running 1 inputs 1 time(s) each.
Running: id:000130,sig:06,src:002266+002478,time:16238914,op:splice,rep:16,trial:1492432
src/stb/tests/../stb_image.h:2251:29: runtime error: signed integer overflow: -1073741919 * 2 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/stb/tests/../stb_image.h:2251:29 in
src/stb/tests/../stb_image.h:2249:35: runtime error: signed integer overflow: -2147450975 + -32767 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/stb/tests/../stb_image.h:2249:35 in
Executed id:000130,sig:06,src:002266+002478,time:16238914,op:splice,rep:16,trial:1492432 in 76 ms
***
*** NOTE: fuzzing was not performed, you have only
*** executed the target code on a fixed set of inputs.
***
Crashing files
ubsan-integer-overflow.zip