You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The parsing of the attached file uninit-caff.wav leads to a read of an uninitialized location in memory. The uninitialized read can be uncovered using a tool such as Valgrind or MemorySanitizer. For example:
$ valgrind cli/wavpack uninit-caff.wav
==21063== Memcheck, a memory error detector
==21063== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==21063== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==21063== Command: ./cli/wavpack uninit-caff.wav
==21063==
WAVPACK Hybrid Lossless Audio Compressor Linux Version 5.1.0
Copyright (c) 1998 - 2019 David Bryant. All Rights Reserved.
creating uninit-caff.wv,==21063== Conditional jump or move depends on uninitialised value(s)
==21063== at 0x411C43: ParseCaffHeaderConfig (caff.c:486)
==21063== by 0x408A94: pack_file (wavpack.c:1777)
==21063== by 0x404AE2: main (wavpack.c:1273)
It appears that this is an uninitialized read of the field caf_audio_format.mBytesPerPacketon this line.
The text was updated successfully, but these errors were encountered:
uninit-caff.wav.zip - contains fuzzed input
The parsing of the attached file uninit-caff.wav leads to a read of an uninitialized location in memory. The uninitialized read can be uncovered using a tool such as Valgrind or MemorySanitizer. For example:
It appears that this is an uninitialized read of the field
caf_audio_format.mBytesPerPacketon this line.The text was updated successfully, but these errors were encountered: