Bug: heap-use-after-free in function Assimp::ColladaParser::ExtractDataObjectFromChannel() #4286
Labels
Bug
Global flag to mark a deviation from expected behaviour
Comments
CVE-2022-45748 was published on Jan. 20 and mentions this bug report.
waebbl added a commit to waebbl/gentoo that referenced this issue Jan 23, 2023
Avoid a security issue when processing COLLADA files. Don't build the module until fixed upstream. Need to drop additional collada related tests as well.
Bug: assimp/assimp#4286
Bug: https://bugs.gentoo.org/891787
Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net>
This was referenced Jan 23, 2023
gentoo-bot pushed a commit to gentoo/gentoo that referenced this issue Feb 5, 2023
Avoid a security issue when processing COLLADA files. Don't build the module until fixed upstream. Need to drop additional collada related tests as well.
Bug: assimp/assimp#4286
Bug: https://bugs.gentoo.org/891787
Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net>
Closes: #29231
Signed-off-by: Joonas Niilola <juippis@gentoo.org>
What's the status of the two CVEs? (this one and #4662)
bmwiedemann pushed a commit to bmwiedemann/openSUSE that referenced this issue Oct 5, 2023
https://build.opensuse.org/request/show/1115678 by user krop + anag+factory
- Disable the collada importer/exporter due to a long standing security issue (boo#1207377, CVE-2022-45748, gh#assimp/assimp#4286)
- Add patch:
  * 0001-Don-t-build-the-collada-importer-exporter-tests.patch
kimkulling added a commit that referenced this issue Feb 15, 2024
* ColladaParser: check values length fixes: #4286
* Refactor calculation of size for data
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
starseeker pushed a commit to BRL-CAD/assimp that referenced this issue Mar 6, 2024
* ColladaParser: check values length fixes: assimp#4286
* Refactor calculation of size for data
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
(cherry picked from commit 4b9f46d)
Environment
Ubuntu 18.04, 64 bit
Command
Compile test program:
$ cmake CMakeLists.txt
$ cmake --build .
Compile test program with address sanitizer:
Result
The result of running without ASAN:
Information obtained by using ASAN:
Description
PoC
PoC file is this.