New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
jp2_decode() Null Pointer Access #265
Comments
It crashes here: https://github.com/jasper-software/jasper/blob/version-2.0.24/src/libjasper/jp2/jp2_dec.c#L434 It happens on attempt to access Note that the first version that crashes with this reproducer is 2.0.20, and bisecting changes since 2.0.19 found a4dc77c as the first affected. It's not immediately obvious if that commit introduces the issue, or if it only makes it it reachable for a particular reproducer. |
CVE-2021-26927 has been assigned for this issue. |
Hi,
There's a Null Pointer Access in
jp2_decode /home/dgh05t/fuzz/jasper-master/src/libjasper/jp2/jp2_dec.c:442
run the poc with
"./jasper -f ~/Desktop/poc2.jp2 --output-format jpg"
poc:
poc2.zip
The text was updated successfully, but these errors were encountered: