-
Notifications
You must be signed in to change notification settings - Fork 614
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
stack-buffer-overflow in pnm2png in function get_token #246
Comments
It is important to clarify that the crash occurs in Will fix. |
@ctruta I'm sorry, I typed it wrong! |
CVE-2018-14550 was assigned for this issue |
hello, ping? |
I have a bunch of changes for contrib/pngminus, which I haven't published yet, because my focus (whenever I have time for libpng) is to get the core issues fixed first. FYI there is also an issue with contrib/tools/pngcp; see bug #264 I've just published my topic branch now. See the temporary branch |
Fixed in master. |
Published in libpng version 1.6.37. |
There is an issue in png2pnm in libpng 1.6 . It's a stack-buffer-overflow in png2pnm in function get_token.
To compile png2pnm,those command can be used with Clang 6.0:
The
makefile.std
in foldercontrib/pngminus
should also be modified before the commandmake -f makefile.std
as mention in this comment:This file can cause stack-buffer-overflow when using this command:
This is the ASAN information:
The text was updated successfully, but these errors were encountered: