I am an undergraduate student exploring automatic fuzzing harness generation for open source APIs. I found that executing geosop with these arguments:

```
./geosop -a "POLYGON((0 0, 10 0, 10 1 ,70 11, 0 0) , EMPTY , EMPTY , EMPTY , EMPTY , EMPTY )" -b "POLYGON((0 0, 10 0, 10 1 ,70 11, 0 0) , EMPTY , EMPTY , EMPTY , EMPTY , EMPTY )" largestEmptyCircleBdy 2
```
results in a segmentation fault.
This is the asan report of the fuzzing harness that found this:
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==432365==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7ffff7140293 bp 0x0c0400000102 sp 0x7fffffffd5f0 T0)
==432365==The signal is caused by a READ memory access.
==432365==Hint: address points to the zero page.
    #0 0x7ffff7140293 in geos::algorithm::Centroid::centroid3(geos::geom::CoordinateXY const&, geos::geom::CoordinateXY const&, geos::geom::CoordinateXY const&, geos::geom::CoordinateXY&) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/Centroid.cpp
    #1 0x7ffff7140293 in geos::algorithm::Centroid::addTriangle(geos::geom::CoordinateXY const&, geos::geom::CoordinateXY const&, geos::geom::CoordinateXY const&, bool) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/Centroid.cpp:139:5
    #2 0x7ffff7140293 in geos::algorithm::Centroid::addHole(geos::geom::CoordinateSequence const&) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/Centroid.cpp:129:9
    #3 0x7ffff713f8ee in geos::algorithm::Centroid::add(geos::geom::Polygon const&) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/Centroid.cpp:104:9
    #4 0x7ffff713e7c0 in geos::algorithm::Centroid::Centroid(geos::geom::Geometry const&) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/include/geos/algorithm/Centroid.h:84:9
    #5 0x7ffff713e7c0 in geos::algorithm::Centroid::getCentroid(geos::geom::Geometry const&, geos::geom::CoordinateXY&) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/Centroid.cpp:40:14
    #6 0x7ffff72915c3 in geos::geom::Geometry::getCentroid(geos::geom::CoordinateXY&) const /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/geom/Geometry.cpp:198:10
    #7 0x7ffff71cb311 in geos::algorithm::construct::LargestEmptyCircle::createCentroidCell(geos::geom::Geometry const*) /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/construct/LargestEmptyCircle.cpp:191:11
    #8 0x7ffff71cb311 in geos::algorithm::construct::LargestEmptyCircle::compute() /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/construct/LargestEmptyCircle.cpp:229:25
    #9 0x7ffff71caa35 in geos::algorithm::construct::LargestEmptyCircle::getRadiusLine() /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/construct/LargestEmptyCircle.cpp:102:5
    #10 0x7ffff7f364be in GEOSLargestEmptyCircle_r::$_57::operator()() const /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/capi/geos_ts_c.cpp:1359:27
    #11 0x7ffff7f364be in _Z7executeIZ24GEOSLargestEmptyCircle_rE4$_57LDn0EEDTclfp0_EEP20GEOSContextHandle_HSOT_ /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/capi/geos_ts_c.cpp:430:16
    #12 0x7ffff7f364be in GEOSLargestEmptyCircle_r /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/capi/geos_ts_c.cpp:1357:16
    #13 0x5555556312a0 in main /home/gabe/harness_test/harness_test/APIS/geosfuzzing/sandbox.c:49:48
    #14 0x7ffff7a29d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #15 0x7ffff7a29e3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #16 0x555555573494 in _start (/home/gabe/harness_test/harness_test/APIS/geosfuzzing/test.out+0x1f494) (BuildId: d67c00766c3277b8479ab4bc934ea844c303fe72)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/gabe/harness_test/fuzzing-libraries/updatedgeos/geos/src/algorithm/Centroid.cpp in geos::algorithm::Centroid::centroid3(geos::geom::CoordinateXY const&, geos::geom::CoordinateXY const&, geos::geom::CoordinateXY const&, geos::geom::CoordinateXY&)
==432365==ABORTING
```
Test Environment

Ubuntu 22.04, 64bit
Harness written using geos capi
Using the Latest version: 0aef713
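As an added illustration (not GEOS code and not part of the report): a stand-alone C model of the centroid accumulation the trace passes through (centroid3, addTriangle, addHole), written with the guard a defensive implementation needs so that a polygon carrying EMPTY hole rings, like the one in the report, is handled without touching a ring that has no coordinates. That an empty hole ring reaching the triangle fan is the mechanism here is an inference from the input and the trace, not something the report confirms; all types, names and the sample polygon are constructed for this example.

```c
#include <math.h>
#include <stddef.h>

typedef struct { double x, y; } Coord;
typedef struct { const Coord *pts; size_t n; } Ring;   /* n == 0 models a WKT EMPTY ring */
typedef struct { Coord base; double area2, cx3, cy3; } Centroid;

/* Sum of the three vertices: three times the triangle centroid. */
static void centroid3(Coord a, Coord b, Coord c, Coord *out) {
    out->x = a.x + b.x + c.x;
    out->y = a.y + b.y + c.y;
}

/* Signed doubled area of triangle (a, b, c); positive for counter-clockwise. */
static double area2(Coord a, Coord b, Coord c) {
    return (b.x - a.x) * (c.y - a.y) - (c.x - a.x) * (b.y - a.y);
}

/* Fan the ring into triangles from the base point and accumulate signed area and
 * centroid sums. Holes are subtracted whatever their orientation. */
static void add_ring(Centroid *ct, Ring r, int is_hole) {
    /* Guard for EMPTY (n == 0) and degenerate rings. Note the loop bound is written
     * `i + 1 < r.n`, not `i < r.n - 1`: with an unsigned length of 0 the latter wraps
     * and r.pts[0] would be read from a ring that owns no storage. */
    if (r.n < 3) return;
    double a2 = 0.0, sx = 0.0, sy = 0.0;
    for (size_t i = 0; i + 1 < r.n; i++) {
        Coord t; centroid3(ct->base, r.pts[i], r.pts[i + 1], &t);
        double tri2 = area2(ct->base, r.pts[i], r.pts[i + 1]);
        a2 += tri2; sx += tri2 * t.x; sy += tri2 * t.y;
    }
    double sign = (is_hole ? -1.0 : 1.0) * (a2 < 0.0 ? -1.0 : 1.0);
    ct->area2 += sign * a2; ct->cx3 += sign * sx; ct->cy3 += sign * sy;
}

/* Centroid of shell minus holes; returns 0 when there is no area (e.g. every ring EMPTY). */
int polygon_centroid(Ring shell, const Ring *holes, size_t nholes, Coord *out) {
    if (shell.n == 0) return 0;
    Centroid ct = { shell.pts[0], 0.0, 0.0, 0.0 };
    add_ring(&ct, shell, 0);
    for (size_t h = 0; h < nholes; h++) add_ring(&ct, holes[h], 1);
    if (ct.area2 == 0.0) return 0;
    out->x = ct.cx3 / (3.0 * ct.area2);
    out->y = ct.cy3 / (3.0 * ct.area2);
    return 1;
}

/* The polygon from the report, constructed inline: one shell and five EMPTY holes. */
int issue_polygon_centroid(Coord *out) {
    static const Coord shell_pts[] = {{0, 0}, {10, 0}, {10, 1}, {70, 11}, {0, 0}};
    Ring shell = { shell_pts, 5 };
    Ring holes[5] = { {NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0} };
    return polygon_centroid(shell, holes, 5, out);
}
```

With the guard in place the five EMPTY holes contribute nothing and the result is the centroid of the shell alone, (3400/150, 490/150).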