Bug 2207531

Summary: Fuzzer finds issue: ERROR: AddressSanitizer: SEGV on unknown address
Product: Red Hat Enterprise Linux 8
Reporter: Lukas Javorsky <ljavorsk>
Component: zlib
Assignee: Lukas Javorsky <ljavorsk>
Status: VERIFIED
QA Contact: Dita Stehlikova <dstehlik>
Severity: unspecified
Priority: unspecified
Version: 8.9
CC: databases-maint, dstehlik, mmuzila, pkubat, zmiklank
Target Milestone: rc
Keywords: Triaged
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Fixed In Version: zlib-1.2.11-25.el8
Doc Type: No Doc Update
Type: Bug
Story Points: ---
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---

Description Lukas Javorsky 2023-05-16 08:10:55 UTC
This bug was initially created as a copy of Bug #2167803

I am copying this bug because:

Description of problem:
Issue reported by Ilya Leoshkevich from IBM

The tests pass, but fuzzing finds something:

==290951==ERROR: AddressSanitizer: SEGV on unknown address 0x62d100000000 (pc 0x0000011806be bp 0x03ffffff5a70 sp 0x03ffffff5a70 T0)
==290951==The signal is caused by a UNKNOWN memory access.
    #0 0x11806be in fill_window /home/iii/zlib-fuzz/build/zlib/build-libfuzzer/deflate.c:1604:24
    #1 0x119d31f in deflate_fast /home/iii/zlib-fuzz/build/zlib/build-libfuzzer/deflate.c:1902:13
    #2 0x118e60f in deflate /home/iii/zlib-fuzz/build/zlib/build-libfuzzer/deflate.c:1066:18
    #3 0x1174983 in Deflate /home/iii/zlib-fuzz/fuzz_target.cpp:250:13
    #4 0x1174983 in RunDeflateOp /home/iii/zlib-fuzz/fuzz_target.cpp:795:15
    #5 0x1174983 in ExecutePlan /home/iii/zlib-fuzz/fuzz_target.cpp:1006:5
    #6 0x1174983 in LLVMFuzzerTestOneInput /home/iii/zlib-fuzz/fuzz_target.cpp:1075:3

Ilya also found a fix for this issue, which has been committed by the upstream author:
https://github.com/madler/zlib/commit/2d80d3f6b52f9fa454c26c89d2d6a1790e1cecb0

Comment 2 Lukas Javorsky 2023-05-17 18:52:18 UTC
Merged