heap-buffer-overflow in g_utf8_get_char_extended
==18==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000535
READ of size 1 at 0x602000000535 thread T0
SCARINESS: 12 (1-byte-read-heap-buffer-overflow)
#0 0x5ff4fa in g_utf8_get_char_extended /work/meson/../../src/glib/glib/gutf8.c:637:21
#1 0x5ff22e in g_utf8_get_char_validated /work/meson/../../src/glib/glib/gutf8.c:686:12
#2 0x5c3936 in utf8_str /work/meson/../../src/glib/glib/gmarkup.c:567:16
#3 0x5c1bc5 in g_markup_parse_context_parse /work/meson/../../src/glib/glib/gmarkup.c:1433:30
#4 0x5bee19 in LLVMFuzzerTestOneInput /src/fuzz_markup.c:20:10
I assume the report below is the same bug.
==18==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x609813 in g_utf8_get_char_extended /work/meson/../../src/glib/glib/gutf8.c:639:11
#1 0x608f54 in g_utf8_get_char_validated /work/meson/../../src/glib/glib/gutf8.c:686:12
#2 0x58ed7d in utf8_str /work/meson/../../src/glib/glib/gmarkup.c:567:16
#3 0x58b611 in g_markup_parse_context_parse /work/meson/../../src/glib/glib/gmarkup.c:1433:30
#4 0x5869a1 in LLVMFuzzerTestOneInput /src/fuzz_markup.c:20:10
Same 5-byte test case for both: <\x09r=\xfc
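The test case ends in 0xfc, which in the legacy six-byte UTF-8 form is a lead byte announcing five continuation bytes that the 5-byte buffer does not contain; that is consistent with the 1-byte read past the allocation in the trace above. The following is an added example, not GLib's code and not the project's fix: a length-bounded decoder that reports a truncated sequence instead of reading on. All names (utf8_announced_len, utf8_decode_bounded, UTF8_PARTIAL, UTF8_INVALID) are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define UTF8_INVALID ((uint32_t)-1) /* malformed, overlong or out of range */
#define UTF8_PARTIAL ((uint32_t)-2) /* sequence continues past the buffer end */

/* Sequence length announced by a lead byte (legacy 1..6-byte form), 0 if none. */
static size_t utf8_announced_len(unsigned char b)
{
    if (b < 0x80) return 1;
    if ((b & 0xe0) == 0xc0) return 2;
    if ((b & 0xf0) == 0xe0) return 3;
    if ((b & 0xf8) == 0xf0) return 4;
    if ((b & 0xfc) == 0xf8) return 5;
    if ((b & 0xfe) == 0xfc) return 6;
    return 0; /* continuation byte, 0xfe or 0xff */
}

/* Decode one character at p, never reading at or beyond p + avail. */
static uint32_t utf8_decode_bounded(const unsigned char *p, size_t avail)
{
    static const uint32_t min_cp[7] = {0, 0, 0x80, 0x800, 0x10000, 0x200000, 0x4000000};
    if (avail == 0) return UTF8_PARTIAL;
    size_t need = utf8_announced_len(p[0]);
    if (need == 0) return UTF8_INVALID;
    if (need == 1) return p[0];
    uint32_t wc = p[0] & (0x7fu >> need);
    for (size_t i = 1; i < need; i++) {
        if (i >= avail) return UTF8_PARTIAL; /* check length before each read */
        if ((p[i] & 0xc0) != 0x80) return UTF8_INVALID;
        wc = (wc << 6) | (p[i] & 0x3f);
    }
    if (wc < min_cp[need] || wc > 0x10ffff || (wc >= 0xd800 && wc <= 0xdfff))
        return UTF8_INVALID;
    return wc;
}

/* The report's 5-byte test case, retyped here as an array (no NUL terminator). */
static const unsigned char testcase[5] = {'<', 0x09, 'r', '=', 0xfc};
static uint32_t decode_testcase_tail(void)
{
    return utf8_decode_bounded(testcase + 4, sizeof testcase - 4);
}

int main(void)
{
    printf("tail partial: %d\n", decode_testcase_tail() == UTF8_PARTIAL);
    return 0;
}
```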