The parsing of the attached file uninit-caff.wav leads to a read of an uninitialized location in memory. The uninitialized read can be uncovered using a tool such as Valgrind or MemorySanitizer. For example:
$ valgrind cli/wavpack uninit-caff.wav
==21063== Memcheck, a memory error detector
==21063== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==21063== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==21063== Command: ./cli/wavpack uninit-caff.wav
==21063==
WAVPACK Hybrid Lossless Audio Compressor Linux Version 5.1.0
Copyright (c) 1998 - 2019 David Bryant. All Rights Reserved.
creating uninit-caff.wv,==21063== Conditional jump or move depends on uninitialised value(s)
==21063== at 0x411C43: ParseCaffHeaderConfig (caff.c:486)
==21063== by 0x408A94: pack_file (wavpack.c:1777)
==21063== by 0x404AE2: main (wavpack.c:1273)
It appears that this is an uninitialized read of the field caf_audio_format.mBytesPerPacket on this line.
uninit-caff.wav.zip - contains fuzzed input
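As an added example (not wavpack's code; the struct, parser and demo helper names are hypothetical, the field names are the CAF spec's), a "desc" chunk parser written so that mBytesPerPacket can never be read uninitialized: the output struct is zeroed before parsing, a chunk shorter than the 32-byte desc layout is rejected, and the PCM relationship between the fields is checked before the value is used.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Layout of a CAF "desc" chunk: 32 big-endian bytes. Field names follow the
   CAF spec; the struct, parser and demo helpers are hypothetical. */
typedef struct {
    double   mSampleRate; char mFormatID[4];
    uint32_t mFormatFlags, mBytesPerPacket, mFramesPerPacket;
    uint32_t mChannelsPerFrame, mBitsPerChannel;
} CaffAudioFormat;
#define CAFF_DESC_SIZE 32
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
/* Returns 0 on success, -1 if the chunk cannot fill every field. The output is
   zeroed first, so a short chunk never leaves mBytesPerPacket holding stack garbage. */
int parse_caff_desc(const uint8_t *chunk, size_t chunk_len, CaffAudioFormat *fmt)
{
    memset(fmt, 0, sizeof *fmt);
    if (chunk == NULL || chunk_len < CAFF_DESC_SIZE)
        return -1;                          /* truncated header: reject it */
    uint64_t rate = ((uint64_t)be32(chunk) << 32) | be32(chunk + 4);
    memcpy(&fmt->mSampleRate, &rate, sizeof rate);   /* raw IEEE-754 bits */
    memcpy(fmt->mFormatID, chunk + 8, 4);
    fmt->mFormatFlags      = be32(chunk + 12);
    fmt->mBytesPerPacket   = be32(chunk + 16);
    fmt->mFramesPerPacket  = be32(chunk + 20);
    fmt->mChannelsPerFrame = be32(chunk + 24);
    fmt->mBitsPerChannel   = be32(chunk + 28);
    return 0;
}
/* For linear PCM, mBytesPerPacket must equal channels * bits/8 * frames per
   packet; anything else (including 0) means the header cannot be trusted. */
int caff_desc_is_consistent(const CaffAudioFormat *fmt)
{
    uint64_t expect = (uint64_t)fmt->mChannelsPerFrame * fmt->mBitsPerChannel / 8 * fmt->mFramesPerPacket;
    return fmt->mBytesPerPacket != 0 && fmt->mBytesPerPacket == expect;
}
/* Constructed sample: a 44100 Hz, 16-bit stereo "lpcm" desc chunk. */
static const uint8_t demo_desc[CAFF_DESC_SIZE] = {
    0x40,0xE5,0x88,0x80,0,0,0,0, 'l','p','c','m', 0,0,0,0,
    0,0,0,4, 0,0,0,1, 0,0,0,2, 0,0,0,16 };
/* Parses the first `len` bytes of the sample (len < 32 simulates truncation);
   every field of the result is defined even after a rejected parse. */
CaffAudioFormat demo_parse(size_t len)
{
    CaffAudioFormat fmt;
    parse_caff_desc(demo_desc, len < CAFF_DESC_SIZE ? len : CAFF_DESC_SIZE, &fmt);
    return fmt;
}
```

Running the truncated case under Valgrind or MemorySanitizer reports nothing, because the field a caller would go on to use is a defined zero rather than leftover stack contents.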