fail to allocate in tiffsplit at tiffsplit.c:276
Hello,
We are currently working on a fuzz testing feature, and we found a "failed to allocate" error in tiffsplit.
The stack trace is as follows:
==29485==ERROR: AddressSanitizer failed to allocate 0xd7ec984000 (927387369472) bytes of LargeMmapAllocator (error code: 12)
==29485==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_common.cc:118 "((0 && "unable to mmap")) != (0)" (0x0, 0x0)
#0 0x7f2a67e67bf2 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe9bf2)
#1 0x7f2a67e86575 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x108575)
#2 0x7f2a67e71482 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xf3482)
#3 0x7f2a67e7d895 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xff895)
#4 0x7f2a67da67fd (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x287fd)
#5 0x7f2a67e5cb0a in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb0a)
#6 0x7f2a68edf6eb in _TIFFmalloc .../libtiff-git/libtiff/tif_unix.c:314
#7 0x559a30e0c9a8 in cpTiles .../libtiff-git/tools/tiffsplit.c:276
#8 0x559a30e0c39d in tiffcp .../libtiff-git/tools/tiffsplit.c:233
#9 0x559a30e0a673 in main .../libtiff-git/tools/tiffsplit.c:96
Here is the full stack trace: full_stacktrace_poc_1.zip
Steps to reproduce
We configured tiffsplit using CFLAGS="-g -O0 -fsanitize=address" CXXFLAGS="-g -O0 -fsanitize=address" ./configure --prefix=$(pwd)/ and built it using make -j10, and ran it with:
./tiffsplit <attached file>
Attachment: input_tiffsplit_poc_1.zip
Environment
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- libtiff version: latest commit (07b73cfd) of the master branch on GitLab
Thank you.
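The trace above shows _TIFFmalloc being asked for 0xd7ec984000 (about 927 GB) bytes from cpTiles, a size that is derived from fields in the input file. The usual hardening for this class of problem is to validate header-derived sizes (overflow-safe multiplication plus a policy cap) before allocating, and to fail the operation cleanly when the check does not pass. The following is an added illustration of that pattern, not libtiff or tiffsplit code; the function names, the bytes-per-pixel parameter and the 64 MiB cap are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (not libtiff code): compute the byte size of a tile
 * buffer from header-controlled dimensions without overflowing, and refuse
 * sizes above a caller-chosen cap. Returns 1 on success, 0 on rejection. */
static int checked_tile_buffer_size(uint32_t tile_width, uint32_t tile_length,
                                    uint32_t bytes_per_pixel, size_t max_bytes,
                                    size_t *out_bytes)
{
    uint64_t n;

    if (tile_width == 0 || tile_length == 0 || bytes_per_pixel == 0)
        return 0;                       /* a tile must have a real extent */

    /* width * length fits in 64 bits because both operands are 32-bit */
    n = (uint64_t)tile_width * (uint64_t)tile_length;
    if (n > UINT64_MAX / bytes_per_pixel)
        return 0;                       /* multiplication would overflow */
    n *= bytes_per_pixel;

    if (n > (uint64_t)max_bytes)
        return 0;                       /* larger than the policy allows */

    *out_bytes = (size_t)n;
    return 1;
}

/* Allocate a tile buffer only after the size passed the check; on any
 * failure return NULL so the caller can report an error instead of
 * handing an unbounded request to malloc. */
static unsigned char *alloc_tile_buffer(uint32_t tile_width, uint32_t tile_length,
                                        uint32_t bytes_per_pixel, size_t max_bytes)
{
    size_t n;
    if (!checked_tile_buffer_size(tile_width, tile_length, bytes_per_pixel,
                                  max_bytes, &n))
        return NULL;
    return (unsigned char *)malloc(n);
}

int main(void)
{
    /* Constructed sample values: a 256x256 RGB tile is accepted, while
     * maximal 32-bit dimensions (the kind of value that produces a
     * multi-hundred-GB request) are refused before malloc is ever called. */
    const size_t cap = (size_t)64u << 20;   /* 64 MiB, an assumed policy cap */
    size_t n = 0;

    printf("256x256x3 accepted=%d bytes=%zu\n",
           checked_tile_buffer_size(256, 256, 3, cap, &n), n);
    printf("0xFFFFFFFFx0xFFFFFFFFx3 accepted=%d\n",
           checked_tile_buffer_size(0xFFFFFFFFu, 0xFFFFFFFFu, 3, cap, &n));

    unsigned char *buf = alloc_tile_buffer(256, 256, 3, cap);
    printf("allocation %s\n", buf ? "succeeded" : "refused");
    free(buf);
    return 0;
}
```

The cap is a policy choice for the tool in question (for example, a bound tied to the input file size or to a command-line limit); the important property is that the size check happens before the allocation, so a hostile header produces a clean error rather than an out-of-memory abort.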