Stack out of bounds read in internal/dcraw_common.cpp(kodak_65000_load_raw) #101
Thanks.
LibRaw deals with data that comes from external sources, and the data format(s) are complex and not well defined. So, it is very likely that we have a lot of such bugs. So, it is much better to create a single CVE (multiple vulns in ...) but not a separate version/separate CVE for each patch.

Fixed in d13e8f6

With 0.18.4 and the above example I get:
$ valgrind simple_dcraw crash-kodak_65000_load_raw_out-of-bounds-read

Have you applied patch d13e8f6?

Eh, of course not. I read the difference of the change log wrongly. I am sorry for the noise.

BTW, it needs more patch(es), it is possible to run out of buf[256], will fix today

With 0.18.5, I do not get a segfault anymore. However, there are many valgrind errors:

these jumps are limited by curve input range

Command to reproduce:
simple_dcraw crash-kodak_65000_load_raw_out-of-bounds-read
crash-kodak_65000_load_raw_out-of-bounds-read.zip
gdb debug output:
We could see that the index of curve is a large negative number, -544416, which leads to an out of bounds read.
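
The failure reported here, a table index that goes far negative before the lookup, as an added C example (not LibRaw code and not the fix in d13e8f6). The decoder, the 0x10000-entry table size, the function names and the sample differences are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define CURVE_LEN 0x10000L          /* assumed table size for this sketch */
static uint16_t curve[CURVE_LEN];
static uint16_t demo_out[4];

/* Hypothetical decoder: each sample is curve[idx], where idx is either the
 * raw value or a running predictor kept per column parity. Returns the
 * number of samples written and stops at the first idx outside the table
 * instead of reading curve[idx]. */
size_t decode_checked(const int *diff, size_t n, int raw, uint16_t *out)
{
    long pred[2] = {0, 0};
    size_t i;
    for (i = 0; i < n; i++) {
        long idx = raw ? diff[i] : (pred[i & 1] += diff[i]);
        if (idx < 0 || idx >= CURVE_LEN)
            break;                  /* corrupt input: refuse the lookup */
        out[i] = curve[idx];
    }
    return i;
}

static void init_curve(void)
{
    for (long i = 0; i < CURVE_LEN; i++)
        curve[i] = (uint16_t)i;     /* constructed identity curve */
}

/* Constructed well-formed differences: all four samples decode. */
size_t demo_benign(void)
{
    const int diff[4] = {10, 20, 5, -3};
    init_curve();
    return decode_checked(diff, 4, 0, demo_out);
}

/* Constructed hostile differences: the third one drives the even-column
 * predictor to -544416, the index value reported in this issue. */
size_t demo_hostile(void)
{
    const int diff[4] = {100, 200, -544516, 7};
    init_curve();
    return decode_checked(diff, 4, 0, demo_out);
}

int main(void) { return !(demo_benign() == 4 && demo_hostile() == 2); }
```

A caller that gets back fewer samples than it asked for should treat the file as corrupt rather than continue with the partial row.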