./img2txt POC0
version: libcaca0.99beta19
Summary:
There is an illegal WRITE memory access at src/common-image.c:203 (function:load_image )in libcaca latest version.
Description:
The asan debug is as follows:
$./img2txt POC0
=================================================================
==28346==ERROR: AddressSanitizer: SEGV on unknown address 0x6020ffff0030 (pc 0x5643f5ff307a bp 0x603000000010 sp 0x7ffde48056e0 T0)
==28346==The signal is caused by a WRITE memory access.
#0 0x5643f5ff3079 in load_image /home/company/real/libcaca-master/src/common-image.c:203
#1 0x5643f5ff17c7 in main /home/company/real/libcaca-master/src/img2txt.c:171
#2 0x7fde504511c0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x211c0)
#3 0x5643f5ff1f09 in _start (/home/company/real/libcaca-master/install_asan/bin/img2txt+0x2f09)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/company/real/libcaca-master/src/common-image.c:203 in load_image
==28346==ABORTING
The text was updated successfully, but these errors were encountered:
Thanks for the detailed report. Note that this only happens when the fallback BMP loader is used; in general, img2txt should be built with the Imlib2 library (autodetected by ./configure).
Following vulnerability has been reported to Red Hat issue tracker:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20545
https://bugzilla.redhat.com/show_bug.cgi?id=1652621
The text was updated successfully, but these errors were encountered: