fail to allocate in tiffinfo at tiffinfo.c:339
Hello,
We are currently working on a fuzz testing feature, and we found a failed-to-allocate error in tiffinfo.
The stack traces are as follows:
==29276==ERROR: AddressSanitizer failed to allocate 0xf627ba000 (66076778496) bytes of LargeMmapAllocator (error code: 12)
==29276==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_common.cc:118 "((0 && "unable to mmap")) != (0)" (0x0, 0x0)
#0 0x7fdb2348dbf2 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe9bf2)
#1 0x7fdb234ac575 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x108575)
#2 0x7fdb23497482 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xf3482)
#3 0x7fdb234a3895 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xff895)
#4 0x7fdb233cc7fd (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x287fd)
#5 0x7fdb23482b0a in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb0a)
#6 0x7fdb245056eb in _TIFFmalloc .../libtiff-git/libtiff/tif_unix.c:314
#7 0x5634f143ff66 in TIFFReadSeparateTileData .../libtiff-git/tools/tiffinfo.c:339
#8 0x5634f1440634 in TIFFReadData .../libtiff-git/tools/tiffinfo.c:381
#9 0x5634f144162c in tiffinfo .../libtiff-git/tools/tiffinfo.c:541
#10 0x5634f143eb49 in main .../libtiff-git/tools/tiffinfo.c:159
Here is the full stack trace: full_stacktrace_poc_4.zip
Steps to reproduce
We configured tiffinfo using
CFLAGS="-g -O0 -fsanitize=address" CXXFLAGS="-g -O0 -fsanitize=address" ./configure --prefix=$(pwd)/
built it using make -j10, and ran it with:
./tiffinfo -D libtiff -i tiffinfo -s <attached file> -d -j
Attachment: input_tiffinfo_poc_4.zip
Environment
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- libtiff version: latest commit (07b73cfd) of the master branch in gitlab link
Thank you.
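
A triage helper for AddressSanitizer reports like the one above, added here as an example; it is not part of the original report or of libtiff. It cross-checks the hex and decimal allocation sizes, then picks the first frame with source information outside the allocator wrappers as the requesting call site. The function name `triage`, the 1 GiB limit, the wrapper list and the dedup key format are assumptions.

```python
import re

# Constructed sample: a shortened copy of the trace quoted in this report.
SAMPLE = """\
==29276==ERROR: AddressSanitizer failed to allocate 0xf627ba000 (66076778496) bytes of LargeMmapAllocator (error code: 12)
    #5 0x7fdb23482b0a in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb0a)
    #6 0x7fdb245056eb in _TIFFmalloc .../libtiff-git/libtiff/tif_unix.c:314
    #7 0x5634f143ff66 in TIFFReadSeparateTileData .../libtiff-git/tools/tiffinfo.c:339
    #8 0x5634f1440634 in TIFFReadData .../libtiff-git/tools/tiffinfo.c:381
"""

ALLOC_RE = re.compile(
    r"AddressSanitizer failed to allocate (0x[0-9a-f]+) \((\d+)\) bytes")
# Frames with debug info look like "#7 0xADDR in FUNC path/file.c:LINE".
# Sanitizer runtime frames end in "(lib+0xOFFSET)" and do not match.
FRAME_RE = re.compile(r"#(\d+) 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)\s*$")
# Assumption: allocator wrappers to skip when looking for the requester.
WRAPPERS = {"_TIFFmalloc", "_TIFFrealloc", "_TIFFcalloc"}


def triage(report, limit_bytes=1 << 30):
    """Summarise an ASan allocation failure; None if the report is another kind."""
    m = ALLOC_RE.search(report)
    if m is None:
        return None
    size = int(m.group(2))
    if int(m.group(1), 16) != size:
        raise ValueError("hex and decimal sizes disagree; report is damaged")
    requester = None
    for line in report.splitlines():
        f = FRAME_RE.search(line)
        if f and f.group(2) not in WRAPPERS:
            requester = {"func": f.group(2),
                         "file": f.group(3).rsplit("/", 1)[-1],
                         "line": int(f.group(4))}
            break
    key = ("alloc-fail:%s:%d" % (requester["file"], requester["line"])
           if requester else "alloc-fail:unknown")
    return {"bytes": size, "over_limit": size > limit_bytes,
            "requester": requester, "key": key}


if __name__ == "__main__":
    print(triage(SAMPLE))
```

Grouping fuzzing crashes by `key` keeps repeated inputs that hit the same call site in one bucket.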