AddressSanitizer: heap-buffer-overflow in PngImage::readMetadata() pngimage.cpp:438 #953
Comments
As in #954, I could not reproduce the issue on
I just ran into this problem related to KDE's baloo file indexer loading metadata from a corrupt png from libpng's test suite: https://bugs.kde.org/show_bug.cgi?id=409958 Specifically it was the file:
On Ubuntu with exiv2 0.27.1-0+18.04+bionic+build12: `zsh: segmentation fault  exiv2 -pv empty_ancillary_chunks.png`
@shassard I could reproduce the issue on the tag. However, the problem seems to be fixed on the latest version of the branch. @cuanduo Could you please tell me the compiler flags you are using when compiling on master? I would like to try exactly with your same setup to be able to reproduce the issue on my side. Otherwise I cannot work on it.
It has been fixed by commit bd0afe0 on master.
Describe the bug
In my research, a heap overflow was found in Exiv2::readChunk(Exiv2::DataBuf&, Exiv2::BasicIo&) /src/pngimage.cpp:410.
To Reproduce
`exiv2 -pv $poc` (attached: poc.zip)
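As an added defensive illustration, not Exiv2's code and not a statement of this report's root cause (the issue records only the crash location in readChunk): a PNG chunk walker in C that validates every declared chunk length against the bytes actually remaining before any chunk data is touched. It is tried on a constructed well-formed file containing an empty ancillary chunk (the case the libpng test file name above points at) and on a constructed file whose chunk length field overruns the buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Status codes: non-negative = number of chunks walked, negative = rejection. */
enum { PNG_BAD_SIGNATURE = -1, PNG_TRUNCATED = -2, PNG_BAD_LENGTH = -3 };
static const uint8_t PNG_SIG[8] = {0x89, 'P', 'N', 'G', 0x0d, 0x0a, 0x1a, 0x0a};
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
/* Walks the chunks in buf[0..len). Each declared length is checked against the
 * bytes remaining before chunk data is read; trusting the length field without
 * this check lets a crafted or truncated file drive a read past the heap buffer. */
int png_walk_chunks(const uint8_t *buf, size_t len, int *iend_seen) {
    size_t pos = 8;
    int count = 0;
    *iend_seen = 0;
    if (len < 8 || memcmp(buf, PNG_SIG, 8) != 0) return PNG_BAD_SIGNATURE;
    while (pos < len) {
        if (len - pos < 8) return PNG_TRUNCATED;               /* length + type header */
        uint32_t clen = be32(buf + pos);
        const uint8_t *type = buf + pos + 4;
        if (clen > 0x7fffffffu) return PNG_BAD_LENGTH;          /* PNG spec: length < 2^31 */
        pos += 8;
        if (len - pos < (size_t)clen + 4) return PNG_TRUNCATED; /* data + CRC must fit */
        /* buf[pos .. pos+clen) is now safe to copy or inspect; CRC is not verified here */
        pos += (size_t)clen + 4;
        count++;
        if (memcmp(type, "IEND", 4) == 0) { *iend_seen = 1; break; }
    }
    return count;
}
/* Constructed sample: signature, IHDR (13 data bytes), an empty ancillary tEXt
 * chunk (length 0), IEND. CRC fields are zero because they are not verified. */
static const uint8_t GOOD_PNG[] = {
    0x89, 'P', 'N', 'G', 0x0d, 0x0a, 0x1a, 0x0a,
    0, 0, 0, 13, 'I', 'H', 'D', 'R', 0, 0, 0, 1, 0, 0, 0, 1, 8, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 't', 'E', 'X', 't', 0, 0, 0, 0,
    0, 0, 0, 0, 'I', 'E', 'N', 'D', 0, 0, 0, 0};
/* Constructed sample: identical, except tEXt claims 1 MiB of data that is not there. */
static const uint8_t BAD_PNG[] = {
    0x89, 'P', 'N', 'G', 0x0d, 0x0a, 0x1a, 0x0a,
    0, 0, 0, 13, 'I', 'H', 'D', 'R', 0, 0, 0, 1, 0, 0, 0, 1, 8, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0x10, 0, 0, 't', 'E', 'X', 't', 0, 0, 0, 0,
    0, 0, 0, 0, 'I', 'E', 'N', 'D', 0, 0, 0, 0};
int walk_good(void)      { int iend; return png_walk_chunks(GOOD_PNG, sizeof GOOD_PNG, &iend); }
int walk_good_iend(void) { int iend; png_walk_chunks(GOOD_PNG, sizeof GOOD_PNG, &iend); return iend; }
int walk_bad(void)       { int iend; return png_walk_chunks(BAD_PNG, sizeof BAD_PNG, &iend); }
```

Under ASan the same walk without the remaining-bytes check would report exactly the heap-buffer-overflow class seen in this issue; with it, the oversized length is rejected before any read.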