-
Recent Posts
Recent Comments
- strongcourage on Why I stopped fuzzing research
- Bob Friesenhahn on Why I stopped fuzzing research
- #gentoo dev: Why I stopped fuzzing research https://blogs.gentoo.or… | Dr. Roy Schestowitz (罗伊) on Why I stopped fuzzing research
- Ulya on Why I stopped fuzzing research
- ago on Install Gentoo in less than one minute
Archives
- July 2020
- April 2020
- March 2019
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- February 2016
- July 2015
- August 2013
- June 2013
- May 2013
- January 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- June 2012
Categories
Meta
Monthly Archives: February 2017
pax-utils: scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c)
Description: pax-utils is a set of tools that check files for security relevant properties. A fuzz on scanelf exposed that the out-of bound read already reported here was unfixed. The complete ASan output: # scanelf -s ‘*’ -axetrnibSDIYZB $FILE ==1093==ERROR: … Continue reading
Posted in advisories, security
Leave a comment
gnu-paxutils: multiple crashes
Description: GNU paxutils is a suite of archive utilities: it will provide cpio, tar and POSIX pax archivers. A fuzzing on tar and pax shows multiple crashes. I really don’t know if atm those tools are used somewhere. Details: # … Continue reading
Posted in advisories, security
Leave a comment
audiofile: multiple ubsan crashes
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered multiple crashes because of undefined behavior. The complete UBsan output: # sfconvert @@ out.mp3 format aiff /tmp/portage/media-libs/audiofile-0.3.6-r3/work/audiofile-0.3.6/libaudiofile/WAVE.cpp:289:14: runtime error: … Continue reading
Posted in advisories, security
1 Comment
audiofile: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered an heap overflow. The complete ASan output: # sfconvert @@ out.mp3 format aiff ==1731==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fd325141800 … Continue reading
Posted in advisories, security
1 Comment
audiofile: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered a division by zero. The complete ASan output: # sfconvert @@ out.mp3 format aiff ==3538==ERROR: AddressSanitizer: FPE on unknown … Continue reading
Posted in advisories, security
Leave a comment
audiofile: heap-based buffer overflow in ulaw2linear_buf (G711.cpp)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered an heap overflow. The complete ASan output: # sfconvert @@ out.mp3 format aiff WRITE of size 2 at 0x7fb583d33800 … Continue reading
Posted in advisories, security
1 Comment
audiofile: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered a division by zero. The complete ASan output: # sfconvert @@ out.mp3 format aiff ==2529==ERROR: AddressSanitizer: FPE on unknown … Continue reading
Posted in advisories, security
Leave a comment
audiofile: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered an heap overflow. The complete ASan output: # sfconvert @@ out.mp3 format aiff ==2512==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d00001c45a … Continue reading
Posted in advisories, security
1 Comment
audiofile: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered an heap overflow. The complete ASan output: # sfconvert @@ out.mp3 format aiff ==2486==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62f0000286e8 … Continue reading
Posted in advisories, security
Leave a comment
audiofile: heap-based buffer overflow in alaw2linear_buf (G711.cpp)
Description: audiofile is a C-based library for reading and writing audio files in many common formats. A fuzz on it discovered an heap overflow. The complete ASan output: # sfconvert @@ out.mp3 format aiff ==2480==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f5eb894d800 … Continue reading
Posted in advisories, security
1 Comment