heap overflow in GPMF_Next GPMF_parser.c:300 #74
Comments
I can't reproduce this to failure. Please confirm with the develop branch.
I have tried the develop version, the result is the same. Have you compiled with ASan, or unzipped the zip file?
I have not changed my compiler, as I figure the failure would be general, but I did use all the provided zip files, and I get no failure. I can see that the files are corrupted, but the parser correctly handles those corruptions. Maybe you could point out which line of code begins the heap overflow for each POC and what you would change?
You should compile with CFLAGS += -fsanitize=address, or some heap overflows may not result in a segmentation fault. The code line is shown in the ASan info in this case.
size field corruption fixed. |
Tested in Ubuntu 19.04, 64-bit, master (ceb3815)
Compiled by gcc -g -fsanitize=address
Triggered by:
$ gpmf-parse $POC
POC file: poc0.zip
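As an added illustration of the size-field check this thread is about, and not the project's GPMF_Next code: an unchecked record walker beside a checked one, over a constructed buffer whose last record claims far more payload than the buffer holds. The 8-byte key/type/size/repeat header layout and the record keys are assumptions modelled loosely on GPMF; compile with -fsanitize=address, as recommended in the thread, if you ever dereference the unchecked walker's offset.

```c
#include <stddef.h>
#include <stdint.h>
/* Illustrative KLV layout loosely modelled on GPMF's 8-byte header: 4-byte FourCC key,
 * 1-byte type, 1-byte element size, 2-byte big-endian repeat count, then a payload
 * padded to a 4-byte boundary. Added example, not the project's GPMF_Next code. */
#define KLV_HDR 8

/* Payload length as the header claims it, padded to 32 bits. Nothing here checks the claim. */
static size_t klv_padded_payload(const uint8_t *hdr) {
    size_t elem   = hdr[5];
    size_t repeat = ((size_t)hdr[6] << 8) | hdr[7];
    return (elem * repeat + 3) & ~(size_t)3;
}

/* Unchecked walker: trusts the size field. For a corrupted record the returned offset
 * lies past the end of the buffer, so the caller's next header read is a heap over-read.
 * That read may not segfault; it is what -fsanitize=address reports. */
size_t next_record_unchecked(const uint8_t *buf, size_t off) {
    return off + KLV_HDR + klv_padded_payload(buf + off);
}

/* Checked walker: validates the header and the claimed payload against the bytes that
 * actually remain. Returns the next header offset (buf_len at a clean end) or 0 on
 * corruption; 0 is never a valid "next" offset since the first record ends at >= KLV_HDR. */
size_t next_record_checked(const uint8_t *buf, size_t buf_len, size_t off) {
    if (off >= buf_len || buf_len - off < KLV_HDR) return 0;  /* header truncated */
    size_t payload = klv_padded_payload(buf + off);
    if (payload > buf_len - off - KLV_HDR) return 0;          /* size field overruns buffer */
    return off + KLV_HDR + payload;
}

/* Counts records up to the first corrupted one (or the end of the buffer). */
int count_records(const uint8_t *buf, size_t buf_len) {
    int n = 0;
    for (size_t off = 0; off < buf_len; n++) {
        off = next_record_checked(buf, buf_len, off);
        if (off == 0) break;
    }
    return n;
}

/* Constructed sample: two well-formed records followed by one whose repeat count (0xFFFF)
 * with a 2-byte element size claims 131070 bytes of payload that are not in the buffer. */
const uint8_t sample[] = {
    'D','E','V','C', 'c', 1, 0x00,0x02, 0xAA,0xBB,0x00,0x00,   /* 2 chars, padded to 4 */
    'S','T','R','M', 'L', 4, 0x00,0x01, 0x01,0x02,0x03,0x04,   /* one 4-byte element */
    'A','C','C','L', 's', 2, 0xFF,0xFF,                        /* corrupted size field */
};
const size_t sample_len = sizeof sample;
```

The unchecked walker returns an offset of 131104 for the third record of a 32-byte buffer; the checked walker returns 0 there and the count stops at 2.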