-
Recent Posts
Recent Comments
- strongcourage on Why I stopped fuzzing research
- Bob Friesenhahn on Why I stopped fuzzing research
- #gentoo dev: Why I stopped fuzzing research https://blogs.gentoo.or… | Dr. Roy Schestowitz (罗伊) on Why I stopped fuzzing research
- Ulya on Why I stopped fuzzing research
- ago on Install Gentoo in less than one minute
Archives
- February 2025
- July 2020
- April 2020
- March 2019
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- February 2016
- July 2015
- August 2013
- June 2013
- May 2013
- January 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- June 2012
Categories
Meta
Category Archives: security
postgresql: psql: heap-based buffer overflow in gets_fromFile (input.c)
Description: PostgreSQL is a powerful, open source object-relational database system. After the blog post of lcamtuf and hanno I tried to fuzz psql which is the PostgreSQL interactive terminal. After make the first call on postgresql security contact they state … Continue reading
Posted in advisories, security
Leave a comment
paps: heap-based buffer overflow in read_file() (paps.c)
Description: Paps is an UTF-8 to PostScript converter that makes use of pango. It provides both a stand alone command line tool as well as a library It was discovered that a crafted/empty file is able to cause an heap-based … Continue reading
Posted in advisories, security
Leave a comment
portage-utils: stack-based buffer overflow in qfile.c
Description: Portage-utils is small and fast portage helper tools written in C. I discovered that a crafted file is able to cause a stack-based buffer overflow. The complete ASan output: ~ # qfile -f qfile-OOB-crash.log ================================================================= ==12240==ERROR: AddressSanitizer: stack-buffer-overflow on … Continue reading
Posted in advisories, gentoo, security
3 Comments
portage-utils: heap-based buffer overflow in qlop.c
Description: Portage-utils is small and fast portage helper tools written in C. I discovered that a crafted file is able to cause an heap-based buffer overflow. The complete ASan output: ~ # qlop -f $CRAFTED_FILE -s Mon Jan 25 11:38:31 … Continue reading
Posted in advisories, security
Leave a comment
libav: divide-by-zero in ff_h263_decode_mba()
Description: Libav is an open source set of tools for audio and video processing. After talking with Luca Barbato which is both a Gentoo and Libav developer, I spent a bit of my time fuzzing libav and in particular I … Continue reading
Posted in advisories, security
Leave a comment
siege: off-by-one in load_conf()
Description: Siege is an http load testing and benchmarking utility. During the test of a webserver, I hit a segmentation fault. I recompiled siege with ASan and it clearly show an off-by-one in load_conf(). The issue is reproducible without passing … Continue reading
Posted in advisories, security
Leave a comment