Monthly Archives: January 2017

Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. With the undefined behavior sanitizer enabled, jasper crashes showing some left shift and some signed integer overflow. Affected … Continue reading →

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed a NULL pointer access. The complete ASan output: # tiffinfo -Dijr $FILE … Continue reading →

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed an assertion failure. The complete output: # tiffcp -i $FILE /tmp/foo tiffcp: … Continue reading →

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed a stack buffer overflow. The complete ASan output: # tiffsplit $FILE TIFFReadDirectory: … Continue reading →

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed a memcpy-param-overlap. The complete ASan output: # tiff2pdf $FILE -o foo TIFFReadDirectoryCheckOrder: … Continue reading →

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. Some crafted images, through a fuzzing revealed multiple overflow. Since the number of the issues, I will … Continue reading →

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. Some crafted images, through a fuzzing revealed multiple division by zero. Since the number of the issues, … Continue reading →