Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSS-Fuzz issues #363

Closed
oliverchang opened this issue Jul 13, 2022 · 1 comment
Closed

OSS-Fuzz issues #363

oliverchang opened this issue Jul 13, 2022 · 1 comment
Labels
invalid

Comments

@oliverchang
Copy link

oliverchang commented Jul 13, 2022
edited
Loading

Hi there!

I'm an OSS-Fuzz maintainer, and we have been fuzzing tinygltf for the past year.

There are a number of open issues: https://bugs.chromium.org/p/oss-fuzz/issues/list?q=tinygltf

In particular, some of these have security implications:

  1. A heap buffer overflow: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35426
  2. And a more severe/easily exploited security vulnerability here: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49053 (still restricted due to our 90 deadline policy).

Would a maintainer here be able to help take a look at these? We'd be happy to help answer any questions or help with reproduction.

Thanks!
@syoyo syoyo added the invalid label Jul 13, 2022
@syoyo syoyo closed this as completed Jul 13, 2022
@syoyo
Copy link
Owner

syoyo commented Jul 13, 2022

#291

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
invalid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@syoyo @oliverchang