libmad stands for “M”peg “A”udio “D”ecoder library.
The same testcase provided in the article “libmad: heap-based buffer overflow in mad_layer_III (layer3.c)” triggers an assertion failure if libmad was compiled with debugging enabled (--enable-debugging).
The complete output of the failure:
# madplay -v -i -o raw:out $FILE
madplay: /tmp/portage/media-libs/libmad-0.15.1b-r8/work/libmad-0.15.1b/layer3.c:2633: mad_layer_III: Assertion `stream->md_len + md_len - si.main_data_begin <= MAD_BUFFER_MDLEN' failed.
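The assertion above only stops the decoder in a debugging build, so the same bound has to be enforced at run time to hold in every build. The following C code is an added example, not libmad's code or an upstream patch; it models only the append to the main-data buffer, `struct md_state`, `md_append_checked` and `MDLEN_CAP` are hypothetical names, and the size 2567 is an assumption standing in for MAD_BUFFER_MDLEN.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: stands in for MAD_BUFFER_MDLEN; 2567 is not taken from the page. */
#define MDLEN_CAP 2567u

/* Hypothetical model of the main-data buffer kept between frames. */
struct md_state {
    unsigned char main_data[MDLEN_CAP];
    unsigned int md_len;              /* bytes currently held */
};

/*
 * Append the part of this frame's main data that lies past main_data_begin.
 * Returns 0 on success, -1 if the invariant from the assertion would be
 * violated. Unlike assert(), this check is still present under NDEBUG.
 */
int md_append_checked(struct md_state *s, const unsigned char *src,
                      unsigned int md_len, unsigned int main_data_begin)
{
    unsigned int copy_len;

    if (s->md_len > MDLEN_CAP || main_data_begin > s->md_len)
        return -1;                    /* corrupt state or bad back-pointer */
    if (md_len <= main_data_begin)
        return 0;                     /* nothing new to store */

    copy_len = md_len - main_data_begin;
    /* s->md_len + md_len - main_data_begin <= MDLEN_CAP, rearranged so the
       unsigned arithmetic cannot wrap around. */
    if (copy_len > MDLEN_CAP - s->md_len)
        return -1;

    memcpy(s->main_data + s->md_len, src, copy_len);
    s->md_len += copy_len;
    return 0;
}

int main(void)
{
    static unsigned char frame[4096];  /* constructed input, all zero bytes */
    struct md_state s = { {0}, 0 };

    printf("%d\n", md_append_checked(&s, frame, 2500, 0));  /* fits */
    printf("%d\n", md_append_checked(&s, frame, 100, 0));   /* rejected */
    return 0;
}
```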
This bug was discovered by Agostino Sarubbo of Gentoo.
2017-01-01: bug discovered and reported to upstream
2017-04-30: blog post about the issue
2017-05-01: CVE assigned
This bug was found with American Fuzzy Lop.