-
Recent Posts
Recent Comments
- strongcourage on Why I stopped fuzzing research
- Bob Friesenhahn on Why I stopped fuzzing research
- #gentoo dev: Why I stopped fuzzing research https://blogs.gentoo.or… | Dr. Roy Schestowitz (罗伊) on Why I stopped fuzzing research
- Ulya on Why I stopped fuzzing research
- ago on Install Gentoo in less than one minute
Archives
- July 2020
- April 2020
- March 2019
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- February 2016
- July 2015
- August 2013
- June 2013
- May 2013
- January 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- June 2012
Categories
Meta
Monthly Archives: September 2016
mupdf: mujstest: strcpy-param-overlap in main (jstest_main.c)
Description: Mujstest, which is part of mupdf is a scriptable tester for mupdf + js. A fuzzing revealed a strcpy-param-overlap. The complete ASan output: # mujstest $FILE ==26843==ERROR: AddressSanitizer: strcpy-param-overlap: memory ranges [0x0000013c5d40,0x0000013c62ed) and [0x0000013c6285, 0x0000013c6832) overlap #0 0x473129 in … Continue reading
Posted in advisories, security
Leave a comment
mupdf: mujstest: global-buffer-overflow in main (jstest_main.c)
Description: Mujstest, which is part of mupdf is a scriptable tester for mupdf + js. A fuzzing revealed a global buffer overflow write. The complete ASan output: # mujstest $FILE ================================================================= ==2244==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013c6140 at pc 0x000000473526 … Continue reading
Posted in advisories, security
Leave a comment
mupdf: mujstest: global-buffer-overflow in my_getline (jstest_main.c)
Description: Mujstest, which is part of mupdf is a scriptable tester for mupdf + js. A fuzzing revealed a global buffer overflow write. The complete ASan output: # mujstest $FILE ==1278==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013c7280 at pc 0x0000004fa432 bp … Continue reading
Posted in advisories, security
Leave a comment
mupdf: use-after-free in pdf_to_num (pdf-object.c)
Description: mupdf is a lightweight PDF viewer and toolkit written in portable C. A fuzzing through mutool revealed a use-after-free. The complete ASan output: # mutool info $FILE ==5430==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300000ea42 at pc 0x7fbc4c3824e5 bp 0x7ffee68ead70 sp … Continue reading
Posted in advisories, security
Leave a comment
mupdf: mutool: infinite loop in gatherresourceinfo (pdfinfo.c)
Description: mupdf is a lightweight PDF viewer and toolkit written in portable C. A fuzzing through mutool revealed an infinite loop in gatherresourceinfo if mutool tries to get info from a crafted pdf. The output is a bit cutted because … Continue reading
Posted in advisories, security
3 Comments
libav: divide-by-zero in sbr_make_f_master (aacsbr.c)
Description: Libav is an open source set of tools for audio and video processing. A fuzzing with an mp3 file as input discovered a divide-by-zero in sbr_make_f_master. The complete ASan output: # avconv -i $FILE -f null – avconv version … Continue reading
Posted in advisories, security
Leave a comment
libav: invalid memory access in ff_put_pixels8_xy2_mmx (rnd_template.c)
Description: Libav is an open source set of tools for audio and video processing. A fuzzing with an mp3 file as input discovered an invalid memory access in ff_put_pixels8_xy2_mmx. The complete ASan output: # avconv -i $FILE -f null – … Continue reading
Posted in advisories, security
Leave a comment
libav: invalid memory access in put_no_rnd_pixels8_xy2_mmx (rnd_template.c)
Description: Libav is an open source set of tools for audio and video processing. A fuzzing with an mp3 file as input discovered an invalid memory access in put_no_rnd_pixels8_xy2_mmx. The complete ASan output: # avconv -i $FILE -f null – … Continue reading
Posted in advisories, security
4 Comments
graphicsmagick: memory allocation failure in MagickMalloc (memory.c)
Description: Graphicsmagick is an Image Processing System. After the first round of fuzzing where I discovered some slowness issues that make the fuzz hard, the second round revealed a memory allocation failure. The complete ASan output: # gm identify $FILE … Continue reading
Posted in advisories, security
Leave a comment
graphicsmagick: memory allocation failure in ReadPCXImage (pcx.c)
Description: Graphicsmagick is an Image Processing System. After the first round of fuzzing where I discovered some slowness issues that make the fuzz hard, the second round revealed a memory allocation failure. The complete ASan output: # gm identify $FILE … Continue reading
Posted in advisories, security
Leave a comment