Describe the bug:
Hi, I found an integer overflow issue in file exrmultipart.cpp
To Reproduce:
Steps to reproduce the behavior:
export CC=afl-clang-fast CXX=afl-clang-fast++
export LD_LIBRARY_PATH=/usr/lib/llvm-16/lib/clang/16/lib/linux/
cmake -DCMAKE_C_FLAGS="-fsanitize=undefined,address,leak -shared-libasan" -DCMAKE_CXX_FLAGS="-fsanitize=undefined,address,leak -shared-libasan" ..
make && make install
exrmultipart -convert -i poc -o res.exr
poc file: poc.zip
Evidence:
/root/fuzz/fuzz_openexr/openexr/src/bin/exrmultipart/exrmultipart.cpp:303:39: runtime error: signed integer overflow: 808464432 * 13569 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /root/fuzz/fuzz_openexr/openexr/src/bin/exrmultipart/exrmultipart.cpp:303:39 in
Platform information:
OS: Ubuntu 22.04.3
C++ compiler: clang-16.0.6
[PROBLEM TYPE] – must contain at least one: Vulnerability Type, Root Cause, or Impact:
Vulnerability Type: Integer Overflow
Impact: Denial of Service
[DESCRIPTION]
An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service via the convert function of file exrmultipart.cpp.
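An added example, not code from OpenEXR or from the reporter: one way to guard an `int` multiplication on file-derived values like the one UBSan flags at exrmultipart.cpp:303:39. The function names and the meaning of the two operands are assumptions; only the values 808464432 and 13569 come from the report.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Multiply two ints from untrusted input. Returns false instead of
// overflowing; a plain `a * b` on int is undefined behaviour when the
// product does not fit. Widening to 64 bits first makes the check portable.
bool checkedMul (int a, int b, int& out)
{
    const std::int64_t wide = static_cast<std::int64_t> (a) * b;
    if (wide < std::numeric_limits<int>::min () ||
        wide > std::numeric_limits<int>::max ())
        return false;
    out = static_cast<int> (wide);
    return true;
}

// Same check using the GCC/Clang builtin, which needs no wider type.
bool checkedMulBuiltin (int a, int b, int& out)
{
    return !__builtin_mul_overflow (a, b, &out);
}

// Hypothetical caller: a count derived from two file-supplied values.
// Returns -1 when either value is negative or the product overflows int,
// so the caller can reject the file instead of continuing with garbage.
long long elementCount (int a, int b)
{
    int n = 0;
    if (a < 0 || b < 0 || !checkedMul (a, b, n)) return -1;
    return n;
}

int main ()
{
    // Operands copied from the UBSan report: rejected, no overflow occurs.
    std::printf ("808464432 * 13569 -> %lld\n", elementCount (808464432, 13569));
    // Constructed sample of ordinary dimensions: accepted.
    std::printf ("1920 * 1080 -> %lld\n", elementCount (1920, 1080));
    return 0;
}
```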