Bug trophy case
Rohan Padhye edited this page Jan 25, 2019 · 26 revisions
This is a list of new bugs found in open-source software using JQF. Feel free to add to this list if you find anything new using JQF.
- CVE-2018-3214: Endless Loop in RiffReader (discovered by Tobias Ospelt)
- JDK-8190332: PngReader throws NegativeArraySizeException when width is too large
- JDK-8190511: PngReader throws OutOfMemoryError for very small malformed PNGs
- JDK-8190512: PngReader throws undocumented IllegalArgumentException: "Empty Region" instead of IOException for malformed images with negative dimensions
- JDK-8190997: PngReader throws NullPointerException when PLTE section is missing
- JDK-8191023: PngReader throws NegativeArraySizeException in parse_tEXt_chunk when keyword length exceeds chunk size
- JDK-8191076: PngReader throws NegativeArraySizeException in parse_zTXt_chunk when keyword length exceeds chunk size
- JDK-8191109: PngReader throws NegativeArraySizeException in parse_iCCP_chunk when keyword length exceeds chunk size
- JDK-8191174: PngReader throws undocumented IllegalArgumentException with message "Pixel stride times width must be <= scanline stride"
- JDK-8191073: JpegImageReader throws IndexOutOfBoundsException when reading malformed header
- JDK-8193444: SimpleDateFormat throws ArrayIndexOutOfBoundsException when format contains long sequences of unicode characters
- JDK-8193877: DateTimeFormatterBuilder throws ClassCastException when using padding
- google/closure-compiler#2842: IllegalStateException in VarCheck: Unexpected variable
- google/closure-compiler#2843: NullPointerException when using Arrow Functions in dead code
- google/closure-compiler#3173: Algorithmic complexity / performance issue on fuzzed input
- mozilla/rhino#405: FAILED ASSERTION due to malformed destructuring syntax
- mozilla/rhino#406: ClassCastException when compiling malformed destructuring expression
- mozilla/rhino#407: java.lang.VerifyError in bytecode produced by CodeGen
- mozilla/rhino#409: ArrayIndexOutOfBoundsException when parsing '<!-'
- mozilla/rhino#410: NullPointerException in BodyCodeGen
- COMPRESS-424: BZip2CompressorInputStream throws ArrayIndexOutOfBoundsException(s) when decompressing malformed input
- LANG-1385: StringIndexOutOfBoundsException in NumberUtils.createNumber
- CVE-2018-11771: Infinite Loop in Commons-Compress ZipArchiveInputStream (found by Tobias Ospelt)
- MNG-6375/plexus-utils#34: NullPointerException when pom.xml has incomplete XML tag
- MNG-6374/plexus-utils#35: ModelBuilder hangs with malformed pom.xml
- MNG-6577/plexus-utils#57: Uncaught IllegalArgumentException when parsing unicode entity ref
- Bug 62655: Augment task: IllegalStateException when "id" attribute is missing
- BCEL-303: AssertionViolatedException in Pass 3A Verification of invoke instructions
- BCEL-307: ClassFormatException thrown in Pass 3A verification
- BCEL-308: NullPointerException in Verifier Pass 3A
- BCEL-309: NegativeArraySizeException when Code attribute length is negative
- BCEL-310: ArrayIndexOutOfBounds in Verifier Pass 3A
- BCEL-311: ClassCastException in Verifier Pass 2
- BCEL-312: AssertionViolation: INTERNAL ERROR Please adapt StringRepresentation to deal with ConstantPackage in Verifier Pass 2
- BCEL-313: ClassFormatException: Invalid signature: Ljava/lang/String)V in Verifier Pass 3A
- CVE-2018-8036: Infinite Loop leading to OOM in PDFBox's AFMParser (found by Tobias Ospelt)
- PDFBOX-4333: ClassCastException when loading PDF (found by Robin Schimpf)
- PDFBOX-4338: ArrayIndexOutOfBoundsException in COSParser (found by Robin Schimpf)
- PDFBOX-4339: NullPointerException in COSParser (found by Robin Schimpf)
- CVE-2018-8017: Infinite Loop in IptcAnpaParser
- CVE-2018-12418: Infinite Loop in junrar (found by Tobias Ospelt)
The source code examples in the wiki pages can be freely re-used under the same license as the rest of JQF.