You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2937923==ERROR: AddressSanitizer: SEGV on unknown address 0x62f00df00400 (pc 0x7ffff7267108 bp 0x6060000000e0 sp 0x7fffffffe0e0 T0)
==2937923==The signal is caused by a READ memory access.
#0 0x7ffff7267107 in pixSetPadBits (/lib/x86_64-linux-gnu/liblept.so.5+0x12e107)#1 0x7ffff71c93f4 in pixConnCompPixa (/lib/x86_64-linux-gnu/liblept.so.5+0x903f4)#2 0x7ffff72262d8 in jbGetComponents (/lib/x86_64-linux-gnu/liblept.so.5+0xed2d8)#3 0x7ffff72289eb in jbAddPage (/lib/x86_64-linux-gnu/liblept.so.5+0xef9eb)#4 0x5555555633ad in jbig2_add_page(jbig2ctx*, Pix*) /test2/jbig2enc/src/jbig2enc.cc:512#5 0x55555555f408 in main /test2/jbig2enc/src/jbig2.cc:482#6 0x7ffff6c1f082 in __libc_start_main ../csu/libc-start.c:308#7 0x55555555bf4d in _start (/test2/jbig2enc/src/jbig2+0x7f4d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/liblept.so.5+0x12e107) in pixSetPadBits
==2937923==ABORTING
SEGV in jbig2enc
Description
jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512. This vulnerability can lead to a Denial of Service (DoS).
ASAN Log
./src/jbig2 -s -S -p -v -d -2 -O out.png Poc2jbig2enc
Reproduction
PoC
Poc2jbig2enc: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/Poc2jbig2enc
Version
Reference
https://github.com/agl/jbig2enc
Environment
Credit
Zeng Yunxiang
The text was updated successfully, but these errors were encountered: