New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There exists heap-buffer-overflow when using function raw2image_ex(int) #557
Comments
|
LibRaw::open_file() refuses your sample as 'unsupported or not raw file'. Please make sure you're submitted the correct POC file. |
|
I've tried again and didn't see 'unsupported or not raw file'. crash_dcraw_half.zip needs to be extracted. I also used the zip file to run the command just now, this will be "libraw Unsupported file format or not RAW file". |
|
Sure, I know what zip files are. The MD5 checksum for the file you provided is: c39ba6fb6d5ee34e2b0833af6acbebc6 It is refused by LibRaw 0.21.1 |
|
Thank you for your screenshot. |
|
Sorry, no linux here, but the file is not refused by open_file() on FreeBSD and not crashed. Investigating.... |
|
Sorry,I always test in Linux OS and forgot to tell you at the beginning. Maybe the bug only exists in Linux? I'm not sure. |
|
This patch should fix the problem |
|
The patch is 9ab70f6 , right? I've used the patch and it works well. |
|
Oh, sorry, forgot to provide patch link. Yes, it is 9ab70f6 Closing as confirmed fixed. |


Description
There exists heap-buffer-overflow in LibRaw::raw2image_ex(int) src/preprocessing/raw2image.cpp:492
My test program
dcraw_half in Libraw/bin
Command and argument
./dcraw_half crash_dcraw_half
Crash Information
The output of exampletest with address sanitizer enabled
Version
LibRaw 0.21.1 release
the commit is cccb976
POC File
crash_dcraw_half.zip
The text was updated successfully, but these errors were encountered: