Update bug metadata crash lines

Makefile

@@ -49,7 +49,7 @@ VENV_ACTIVATE := .venv/bin/activate
 
 ${VENV_ACTIVATE}: requirements.txt
 	python3.10 -m venv .venv || python3 -m venv .venv
-	source ${VENV_ACTIVATE} && python3 -m pip install --upgrade pip setuptools && python3 -m pip install -r requirements.txt
+	source ${VENV_ACTIVATE} && python3 -m pip install --upgrade pip && python3 -m pip install -r requirements.txt && python3 -m pip install setuptools
 
 install-dependencies: ${VENV_ACTIVATE}
 

benchmarks/c-blosc2_transplant_decompress_frame_fuzzer/Dockerfile

@@ -0,0 +1,31 @@
+# Use the committed merge container as base for identical build environment.
+# This image has the exact same OS packages, library versions, and source tree
+# that were used during bug transplant verification.
+FROM c-blosc2-merge:79e921d9
+
+# The merge container runs as a non-root user (agent).  Switch back to root
+# so downstream Dockerfiles (AFL++'s builder, benchmark-builder, etc.) can
+# install packages and write to system directories.
+USER root
+
+# docker commit can snapshot a broken apt state - fix it so downstream
+# Dockerfiles (e.g. AFL++'s builder.Dockerfile) can apt-get install.
+RUN rm -rf /var/lib/apt/lists/* && mkdir -p /var/lib/apt/lists/partial && apt-get update
+
+WORKDIR /src/c-blosc2
+
+# Keep ASan stack-use-after-return detection enabled for direct testcase replay.
+ENV ASAN_OPTIONS="detect_leaks=0:detect_stack_use_after_return=1"
+
+# Raise libFuzzer's per-alloc / RSS cap from its 2048MB default. Some transplanted
+# bugs (e.g. c-blosc2 OSV-2021-464) trigger a ~2GB malloc en route to the real
+# memory-safety error; with the default cap libFuzzer aborts with
+# `out-of-memory` and `-ignore_ooms=1` silently drops it. libFuzzer-family
+# runners in fuzzbench/fuzzers/*/fuzzer.py splice $ADDITIONAL_ARGS onto the
+# target command line, so this propagates automatically.
+ENV ADDITIONAL_ARGS="-rss_limit_mb=8192"
+
+# Bug transplant patches (re-applied by build.sh after checkout_commit.py resets source)
+COPY patches/ /src/patches/
+COPY seeds/ /src/benchmark_seeds/
+COPY build.sh $SRC/

benchmarks/c-blosc2_transplant_decompress_frame_fuzzer/benchmark.yaml

@@ -0,0 +1,5 @@
+project: c-blosc2
+fuzz_target: decompress_frame_fuzzer
+commit: 79e921d904d46fc9edc292e02a48f1aa54567a7d
+commit_date: 2021-08-24T14:27:56+00:00
+type: bug

benchmarks/c-blosc2_transplant_decompress_frame_fuzzer/bug_metadata.json

@@ -0,0 +1,211 @@
+{
+  "project": "c-blosc2",
+  "target_commit": "79e921d904d46fc9edc292e02a48f1aa54567a7d",
+  "dispatch_bytes": 2,
+  "total_bugs": 29,
+  "bugs": {
+    "OSV-2020-2184": {
+      "dispatch_value": 1,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/frame.c",
+      "crash_line": 1366,
+      "crash_function": "get_vlmeta_from_trailer"
+    },
+    "OSV-2021-21": {
+      "dispatch_value": 2,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 685,
+      "crash_function": "blosc_read_header"
+    },
+    "OSV-2021-22": {
+      "dispatch_value": 4,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/frame.c",
+      "crash_line": 1265,
+      "crash_function": "get_meta_from_header"
+    },
+    "OSV-2021-213": {
+      "dispatch_value": 8,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 215,
+      "crash_function": "ZSTD_freeDDict"
+    },
+    "OSV-2021-221": {
+      "dispatch_value": 16,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc-private.h",
+      "crash_line": 90,
+      "crash_function": "sw32_"
+    },
+    "OSV-2021-246": {
+      "dispatch_value": 32,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/frame.c",
+      "crash_line": 1455,
+      "crash_function": "get_vlmeta_from_trailer"
+    },
+    "OSV-2021-247": {
+      "dispatch_value": 64,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 685,
+      "crash_function": "blosc_read_header"
+    },
+    "OSV-2021-274": {
+      "dispatch_value": 128,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/frame.c",
+      "crash_line": 1289,
+      "crash_function": "get_meta_from_header"
+    },
+    "OSV-2021-369": {
+      "dispatch_value": 256,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 685,
+      "crash_function": "blosc_read_header"
+    },
+    "OSV-2021-404": {
+      "dispatch_value": 512,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 685,
+      "crash_function": "blosc_read_header"
+    },
+    "OSV-2021-429": {
+      "dispatch_value": 1024,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc-private.h",
+      "crash_line": 90,
+      "crash_function": "sw32_"
+    },
+    "OSV-2021-639": {
+      "dispatch_value": 2048,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 2622,
+      "crash_function": "_blosc_getitem"
+    },
+    "OSV-2022-4": {
+      "dispatch_value": 4096,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 134,
+      "crash_function": "ZSTD_initDDict_internal"
+    },
+    "OSV-2022-34": {
+      "dispatch_value": 8192,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/lz4-1.9.3/lz4.c",
+      "crash_line": 469,
+      "crash_function": "LZ4_wildCopy32"
+    },
+    "OSV-2022-486": {
+      "dispatch_value": 16384,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 3404,
+      "crash_function": "blosc2_get_io_cb"
+    },
+    "OSV-2023-51": {
+      "dispatch_value": 32768,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 215,
+      "crash_function": "ZSTD_freeDDict"
+    },
+    "OSV-2021-464": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 181,
+      "crash_function": "my_malloc"
+    },
+    "OSV-2021-481": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 134,
+      "crash_function": "ZSTD_initDDict_internal"
+    },
+    "OSV-2021-485": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc-private.h",
+      "crash_line": 90,
+      "crash_function": "sw32_"
+    },
+    "OSV-2021-487": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc-private.h",
+      "crash_line": 90,
+      "crash_function": "sw32_"
+    },
+    "OSV-2021-496": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc-private.h",
+      "crash_line": 90,
+      "crash_function": "sw32_"
+    },
+    "OSV-2021-498": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/frame.c",
+      "crash_line": 2107,
+      "crash_function": "frame_get_lazychunk"
+    },
+    "OSV-2021-526": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc-private.h",
+      "crash_line": 90,
+      "crash_function": "sw32_"
+    },
+    "OSV-2021-622": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/frame.c",
+      "crash_line": 1455,
+      "crash_function": "get_vlmeta_from_trailer"
+    },
+    "OSV-2021-997": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 134,
+      "crash_function": "ZSTD_initDDict_internal"
+    },
+    "OSV-2021-1791": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 134,
+      "crash_function": "ZSTD_initDDict_internal"
+    },
+    "OSV-2022-511": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_ddict.c",
+      "crash_line": 134,
+      "crash_function": "ZSTD_initDDict_internal"
+    },
+    "OSV-2022-1242": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/blosc/blosc2.c",
+      "crash_line": 685,
+      "crash_function": "blosc_read_header"
+    },
+    "OSV-2021-897": {
+      "dispatch_value": 0,
+      "triggered": true,
+      "crash_file": "/src/c-blosc2/internal-complibs/zstd-1.4.8/decompress/zstd_decompress.c",
+      "crash_line": 596,
+      "crash_function": "ZSTD_copyRawBlock"
+    }
+  }
+}