Monthly Archives: June 2017

xar: NULL pointer dereference in xar_get_path (util.c)

Description: xar is an easily extensible archive format. The complete ASan output of the issue: # xar -t -f $FILE ==5525==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f075cfb35f6 bp 0x7fff705167b0 sp 0x7fff70515f38 T0) ==5525==The signal is caused by a … Continue reading

Posted in advisories, security | Leave a comment

xar: NULL pointer dereference in xar_unserialize (archive.c)

Description: xar is an easily extensible archive format. The complete ASan output of the issue: # xar -t -f $FILE ==7615==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7f71a859ebd6 bp 0x7fffd8ace150 sp 0x7fffd8acde80 T0) ==7615==The signal is caused by a … Continue reading

Posted in advisories, security | 1 Comment

lame: two UBSAN crashes

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | Leave a comment

lame: multiple left shift

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | Leave a comment

lame: stack-based buffer overflow in III_dequantize_sample (layer3.c)

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | 2 Comments

lame: stack-based buffer overflow in III_i_stereo (layer3.c)

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | 6 Comments

lame: heap-based buffer overflow in fill_buffer_resample (util.c)

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | 1 Comment

lame: global-buffer-overflow in III_i_stereo (layer3.c)

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | Leave a comment

lame: global-buffer-overflow in II_step_one (layer2.c)

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | 2 Comments

lame: divide-by-zero in parse_wave_header (get_audio.c)

Description: lame is a high quality MPEG Audio Layer III (MP3) encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results … Continue reading

Posted in advisories, security | Leave a comment