Closed
Description
The attached file will crash jasper (can be tested with imginfo) with a null pointer access. It was found with american fuzzy lop.
jasper-nullptr-jpc_pi_destroy.zip
Stack trace from address sanitizer:
==22340==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000059f33f bp 0x611000009fc8 sp 0x7fffa1dea040 T0)
#0 0x59f33e in jpc_pi_destroy /f/jasper/src/libjasper/jpc/jpc_t2cod.c:521:10
#1 0x54f43f in jpc_dec_tilefini /f/jasper/src/libjasper/jpc/jpc_dec.c:999:3
#2 0x5403bd in jpc_dec_process_eoc /f/jasper/src/libjasper/jpc/jpc_dec.c:1151:3
#3 0x547fb4 in jpc_dec_decode /f/jasper/src/libjasper/jpc/jpc_dec.c:390:10
#4 0x547fb4 in jpc_decode /f/jasper/src/libjasper/jpc/jpc_dec.c:254
#5 0x4f6032 in jas_image_decode /f/jasper/src/libjasper/base/jas_image.c:372:16
#6 0x4f23cf in main /f/jasper/src/appl/imginfo.c:188:16
#7 0x7f2ac820478f in __libc_start_main (/lib64/libc.so.6+0x2078f)
#8 0x4195d8 in _start (/r/jasper/imginfo+0x4195d8)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /f/jasper/src/libjasper/jpc/jpc_t2cod.c:521:10 in jpc_pi_destroy
==22340==ABORTING