Category Archives: security

Description: Libav is an open source set of tools for audio and video processing. A fuzzing with an mp3 file as input discovered an invalid memory access in ff_put_pixels8_mmx. The complete ASan output: # avconv -i $FILE -f null – … Continue reading →

Description: libdwarf is a library to consume and produce DWARF debug information. A fuzzing revealed an out bounds read, The complete ASan output: # dwarfdump $FILE ==30323==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x611000005a00 at pc 0x000000606e87 bp 0x7ffe35e5e5b0 sp 0x7ffe35e5e5a8 READ … Continue reading →

Description: libdwarf is a library to consume and produce DWARF debug information. The following issue came out during the build with the undefined behavior sanitizer. The complete UBsan output: LD_LIBRARY_PATH=$LD_LIBRARY_PATH:../libdwarf ./tag_tree_build -s -i tmp-tag- tree-build1.tmp -o tmp-tt-table.c tag_tree.c:350:60: runtime error: … Continue reading →

Description: Mujstest, which is part of mupdf is a scriptable tester for mupdf + js. A fuzzing revealed a strcpy-param-overlap. The complete ASan output: # mujstest $FILE ==26843==ERROR: AddressSanitizer: strcpy-param-overlap: memory ranges [0x0000013c5d40,0x0000013c62ed) and [0x0000013c6285, 0x0000013c6832) overlap #0 0x473129 in … Continue reading →

Description: Mujstest, which is part of mupdf is a scriptable tester for mupdf + js. A fuzzing revealed a global buffer overflow write. The complete ASan output: # mujstest $FILE ================================================================= ==2244==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013c6140 at pc 0x000000473526 … Continue reading →

Description: Mujstest, which is part of mupdf is a scriptable tester for mupdf + js. A fuzzing revealed a global buffer overflow write. The complete ASan output: # mujstest $FILE ==1278==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013c7280 at pc 0x0000004fa432 bp … Continue reading →

Description: mupdf is a lightweight PDF viewer and toolkit written in portable C. A fuzzing through mutool revealed a use-after-free. The complete ASan output: # mutool info $FILE ==5430==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300000ea42 at pc 0x7fbc4c3824e5 bp 0x7ffee68ead70 sp … Continue reading →

Description: mupdf is a lightweight PDF viewer and toolkit written in portable C. A fuzzing through mutool revealed an infinite loop in gatherresourceinfo if mutool tries to get info from a crafted pdf. The output is a bit cutted because … Continue reading →

Description: Libav is an open source set of tools for audio and video processing. A fuzzing with an mp3 file as input discovered a divide-by-zero in sbr_make_f_master. The complete ASan output: # avconv -i $FILE -f null – avconv version … Continue reading →

Description: Libav is an open source set of tools for audio and video processing. A fuzzing with an mp3 file as input discovered an invalid memory access in ff_put_pixels8_xy2_mmx. The complete ASan output: # avconv -i $FILE -f null – … Continue reading →