Monthly Archives: November 2016

jasper: use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)

Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. I decided to try another round of fuzzing with the Memory Sanitizer enabled, and I discovered that there … Continue reading

Posted in advisories, security | Leave a comment