Monthly Archives: November 2016
metapixel: multiple assertion failures
Description: metapixel is a program for generating photomosaics. Fuzzing metapixel-imagesize revealed multiple assertion failures. The latest upstream release was about ten years ago, so I didn't make any report. The bugs do not reside in any shared object …
Posted in advisories, security
metapixel: heap-based buffer overflow in open_gif_file (rwgif.c)
Description: metapixel is a program for generating photomosaics. Fuzzing metapixel-imagesize revealed an overflow. The latest upstream release was about ten years ago, so I didn't make any report. The bug does not reside in any shared object which …
Posted in advisories, security
jasper: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. A crafted image, found through intensive fuzzing of version 1.900.22, triggers a stack-based buffer overflow. The complete ASan …
Posted in advisories, security
imagemagick: null pointer must never be null (tiff.c)
Description: imagemagick is a software suite to create, edit, compose, or convert bitmap images. Fuzzing an updated version built with the undefined behavior sanitizer revealed a null pointer where the declaration says it can never be null. The complete UBSan …
Posted in advisories, security
An alternative to git bisect with Gentoo and the live ebuild
Git bisect is very powerful, but sometimes it is more comfortable to use emerge instead of compiling the software outside the package manager. That was my case with media-libs/jasper, which I'm picking as the example for this howto. So basically, you are running …
Posted in gentoo
libdwarf: negation overflow in dwarf_leb.c
Description: libdwarf is a library to consume and produce DWARF debug information. Fuzzing with the Undefined Behavior Sanitizer shows a negation whose result cannot be represented as long long. The complete UBSan output:
# dwarfdump $FILE
dwarf_leb.c:306:19: runtime error: negation …
Posted in advisories, security
jasper: signed integer overflow in jas_image.c
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. The undefined behavior sanitizer shows a signed integer overflow in jas_image.c. As you can see, the commit which …
Posted in advisories, security
imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)
Description: imagemagick is a software suite to create, edit, compose, or convert bitmap images. Fuzzing an updated version revealed another overflow. The complete ASan output:
# identify $FILE
=================================================================
==696==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x611000009700 at pc 0x7f300036c9a3 …
Posted in advisories, security
jasper: multiple assertion failures
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Fuzzing revealed multiple assertion failures. Since jasper's maintainer releases frequently, the fuzzing was done across multiple …
Posted in advisories, security
libming: listmp3: left shift in listmp3.c
Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way. Fuzzing revealed an invalid left shift in listmp3. The bug does not reside in …
Posted in advisories, security
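Three of the UBSan findings on this page share one root cause: arithmetic on values taken straight from the input file (the negation in libdwarf's dwarf_leb.c, the signed integer overflow in jasper's jas_image.c, and the left shift in libming's listmp3.c). The following is an added example, not code from this blog or from any of those projects, showing the checks that turn each of these undefined operations into a reported failure. It also includes a signed LEB128 reader with bounds and shift checks, since the libdwarf bug sits in its LEB decoder; the function names, the sample bytes and the self-check are this example's own assumptions, and `__builtin_*_overflow` requires gcc or clang.

```c
/* Added example: guarding the arithmetic classes UBSan flagged above.
 * Not from the blog or from libdwarf, jasper or libming. */
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Negating LLONG_MIN is the case UBSan reports as "negation of ...
 * cannot be represented in type 'long long'". */
bool checked_negate_ll(long long v, long long *out)
{
    if (v == LLONG_MIN)
        return false;
    *out = -v;
    return true;
}

/* Signed add/mul overflow, e.g. width * height * bytes-per-pixel.
 * __builtin_*_overflow returns true when the result does not fit. */
bool checked_add_int(int a, int b, int *out)
{
    return !__builtin_add_overflow(a, b, out);
}

bool checked_mul_int(int a, int b, int *out)
{
    return !__builtin_mul_overflow(a, b, out);
}

/* Left shift of a signed int is undefined when the value is negative,
 * the count is >= the width, or the result does not fit. Shift in
 * unsigned arithmetic (always defined) and range-check the result. */
bool checked_shl_int(int v, unsigned shift, int *out)
{
    if (v < 0 || shift >= sizeof(int) * CHAR_BIT)
        return false;
    unsigned u = (unsigned)v << shift;
    if (shift > 0 && (u >> shift) != (unsigned)v)   /* high bits lost */
        return false;
    if (u > (unsigned)INT_MAX)                      /* would flip the sign */
        return false;
    *out = (int)u;
    return true;
}

/* Signed LEB128 decoder (the DWARF encoding libdwarf's dwarf_leb.c reads).
 * Rejects truncated input and more than 64 bits of payload, and never
 * shifts by 64 or more. Returns bytes consumed, or 0 on error. */
size_t decode_sleb128(const uint8_t *p, size_t len, int64_t *out)
{
    uint64_t result = 0;
    unsigned shift = 0;
    size_t i = 0;
    uint8_t byte;

    do {
        if (i >= len || shift >= 64)
            return 0;
        byte = p[i++];
        result |= (uint64_t)(byte & 0x7f) << shift;
        shift += 7;
    } while (byte & 0x80);

    if (shift < 64 && (byte & 0x40))        /* sign-extend the last group */
        result |= ~(uint64_t)0 << shift;
    *out = (int64_t)result;                 /* implementation-defined, not UB */
    return i;
}

/* Constructed inputs: the same values UBSan would trip on if unchecked.
 * Returns the number of checks that behaved as expected (9 in total). */
int run_self_check(void)
{
    int passed = 0;
    long long ll;
    int iv;
    int64_t sv;
    const uint8_t minus_one[] = { 0x7f };
    const uint8_t minus_128[] = { 0x80, 0x7f };
    const uint8_t truncated[] = { 0x80 };   /* continuation bit, no next byte */

    passed += !checked_negate_ll(LLONG_MIN, &ll);
    passed += checked_negate_ll(-5, &ll) && ll == 5;
    passed += !checked_add_int(INT_MAX, 1, &iv);
    passed += !checked_mul_int(65536, 65536, &iv);
    passed += checked_shl_int(1, 30, &iv) && iv == (1 << 30);
    passed += !checked_shl_int(1, 31, &iv);
    passed += decode_sleb128(minus_one, 1, &sv) == 1 && sv == -1;
    passed += decode_sleb128(minus_128, 2, &sv) == 2 && sv == -128;
    passed += decode_sleb128(truncated, 1, &sv) == 0;
    return passed;
}

int main(void)
{
    printf("%d of 9 checks behaved as expected\n", run_self_check());
    return 0;
}
```

Build it with `-fsanitize=undefined` as well: none of the helpers trip the sanitizer, which is the property a fix for the findings above should have, whereas the unchecked forms (`-v`, `a * b`, `v << shift`) do on the same inputs.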