-
Notifications
You must be signed in to change notification settings - Fork 378
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
stack-buffer-overflow in psf_memset in libsndfile-master/src/common.c:1229 #397
Comments
What's the exactly input you use to find this problem. |
This CVE was assigned to this issue: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13139 |
bwarden
added a commit
to bwarden/libsndfile
that referenced
this issue
Aug 28, 2018
Allocated buffer has space for only 16 channels. Verify that input file meets this limit. Fixes libsndfile#397
erikd
pushed a commit
that referenced
this issue
Aug 28, 2018
Allocated buffer has space for only 16 channels. Verify that input file meets this limit. Fixes #397
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Oct 10, 2018
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gbionescu
pushed a commit
to gbionescu/poky
that referenced
this issue
Oct 10, 2018
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 22ef4ebb1003d0fcb20fb687c519889ad9e34789) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Oct 10, 2018
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gbionescu
pushed a commit
to gbionescu/poky
that referenced
this issue
Oct 10, 2018
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
jpuhlman
pushed a commit
to MontaVista-OpenSourceTechnology/poky
that referenced
this issue
Oct 15, 2018
Source: poky MR: 00000 Type: Integration Disposition: Merged from poky ChangeID: f76e265 Description: A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Oct 18, 2018
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a907) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
gbionescu
pushed a commit
to gbionescu/poky
that referenced
this issue
Oct 18, 2018
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) (From OE-Core rev: da7342a774ae9bcd876ceb7c260dfb49791949d5) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
jpuhlman
pushed a commit
to MontaVista-OpenSourceTechnology/poky
that referenced
this issue
Feb 12, 2019
Source: poky MR: 00000 Type: Integration Disposition: Merged from poky ChangeID: cbdc5ca Description: A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) (From OE-Core rev: da7342a774ae9bcd876ceb7c260dfb49791949d5) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
daregit
pushed a commit
to daregit/yocto-combined
that referenced
this issue
May 22, 2024
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
daregit
pushed a commit
to daregit/yocto-combined
that referenced
this issue
May 22, 2024
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in libsndfile/libsndfile#397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
stack-buffer-overflow in psf_memset in libsndfile-master/src/common.c:1229
poc.zip
./sndfile-deinterleave $poc
==118463==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffea52964d0 at pc 0x7f48893a3bec bp 0x7ffea520e2f0 sp 0x7ffea520da98
WRITE of size 3826900 at 0x7ffea52964d0 thread T0
#0 0x7f48893a3beb in __asan_memset (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8cbeb)
#1 0x7f4888fc70bf in psf_memset /home/s2e/asan/libsndfile-master/src/common.c:1229
#2 0x7f488901ed71 in sf_readf_int /home/s2e/asan/libsndfile-master/src/sndfile.c:1837
#3 0x401e1c in deinterleave_int /home/s2e/asan/libsndfile-master/programs/sndfile-deinterleave.c:170
#4 0x401c96 in main /home/s2e/asan/libsndfile-master/programs/sndfile-deinterleave.c:138
#5 0x7f4888bed82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#6 0x4016c8 in _start (/home/s2e/asan/libsndfile-master/build/sndfile-deinterleave+0x4016c8)
Address 0x7ffea52964d0 is located in stack of thread T0 at offset 557296 in frame
#0 0x4017a5 in main /home/s2e/asan/libsndfile-master/programs/sndfile-deinterleave.c:68
The text was updated successfully, but these errors were encountered: