New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Null pointer dereference vulnerability in sbr_process_channel(libfaad/sbr_dec.c:413) #28
Comments
This issue was assigned CVE-2018-20357. Appears to have been fixed by 6b4a7cd, needs to be double checked. |
@hlef Please feel free to close any issues that you consider already fixed in the current source code. |
I don't have permissions to close bug reports here :) |
Oops, I'll close whatever you mark as fixed then. 😉 |
Hm, so can this get closed? |
@hlef Hm? |
And it's closed. |
Hi, i found a null pointer dereference bug in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It crashed in function sbr_process_channel.the details are below(ASAN):
POC FILE: https://github.com/fantasy7082/image_test/blob/master/014-null-point-sbr_dec_413
The text was updated successfully, but these errors were encountered: