null dereference in apply_image #130
Comments
Base64 encoded file
Thanks for the report!
Has this been resolved?
Yes. That is why I closed the issue with a commit reference.
Ok, thanks
This was discovered by: dorkerdevil dorkerdevil@protonmail.com, who asked us to report it to you.
There is a null dereference vulnerability (denial of service) affecting gifdiff in gifsicle v1.91.
A screenshot and PoC file are attached.
Note: @@ refers to the PoC file which is attached; that PoC file is used twice, which means the same PoC file will be in both places.
PoC:
```
:~/gifsicle-asan/src/gifdiffout/crashes# ../../gifdiff -w -B @@ @@
gifdiff: While reading ‘id:000022,sig:06,src:000000,op:havoc,rep:4’ frame #0:
gifdiff: error: unknown block type 102 at file offset 13
gifdiff: While reading ‘id:000022,sig:06,src:000000,op:havoc,rep:4’ frame #1:
gifdiff: error: bad graphic extension
gifdiff: While reading ‘id:000022,sig:06,src:000000,op:havoc,rep:4’ frame #0:
gifdiff: error: unknown block type 102 at file offset 13
gifdiff: While reading ‘id:000022,sig:06,src:000000,op:havoc,rep:4’ frame #1:
gifdiff: error: bad graphic extension
ASAN:SIGSEGV
==21423==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004450f8 bp 0x0c18000017f4 sp 0x7fff9f1b44b0 T0)
    #0 0x4450f7 in apply_image /root/geeknik/gifsicle-asan/src/gifdiff.c:121
    #1 0x44ab8d in compare /root/geeknik/gifsicle-asan/src/gifdiff.c:316
    #2 0x40246b in main /root/geeknik/gifsicle-asan/src/gifdiff.c:625
    #3 0x7f7821e2382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #4 0x4027f8 in _start (/root/geeknik/gifsicle-asan/src/gifdiff+0x4027f8)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/geeknik/gifsicle-asan/src/gifdiff.c:121 apply_image
==21423==ABORTING
```
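
A triage sketch for the AddressSanitizer trace quoted above, added here as an example (it is not part of the original issue or of the gifsicle project): it parses the report, flags the fault as a NULL dereference, and builds a deduplication key from the project's own stack frames so repeated fuzzer crashes can be grouped. The function name `parse_asan`, the 4 KiB NULL-page threshold and the key format are assumptions of this example.

```python
import re

# Sample input: the AddressSanitizer lines quoted in the report above.
SAMPLE = """\
ASAN:SIGSEGV
==21423==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004450f8 bp 0x0c18000017f4 sp 0x7fff9f1b44b0 T0)
#0 0x4450f7 in apply_image /root/geeknik/gifsicle-asan/src/gifdiff.c:121
#1 0x44ab8d in compare /root/geeknik/gifsicle-asan/src/gifdiff.c:316
#2 0x40246b in main /root/geeknik/gifsicle-asan/src/gifdiff.c:625
#3 0x7f7821e2382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#4 0x4027f8 in _start (/root/geeknik/gifsicle-asan/src/gifdiff+0x4027f8)
SUMMARY: AddressSanitizer: SEGV /root/geeknik/gifsicle-asan/src/gifdiff.c:121 apply_image
"""

HEADER = re.compile(
    r"ERROR: AddressSanitizer: (\S+) on (?:unknown )?address (0x[0-9a-fA-F]+)")
# A frame is either "func file:line[:col]" (symbolized) or "func (module+offset)".
FRAME = re.compile(
    r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (\S+) (?:(\S+?):(\d+)(?::\d+)?|\((.+)\))\s*$")
NULL_PAGE = 0x1000  # assumption: faults below one 4 KiB page count as NULL dereferences


def parse_asan(report):
    """Return crash kind, fault address, frames and a dedup key; None if no ASan header."""
    m = HEADER.search(report)
    if m is None:
        return None
    kind, addr = m.group(1), int(m.group(2), 16)
    frames = []
    for line in report.splitlines():
        f = FRAME.match(line)
        if f:
            frames.append({"func": f.group(2), "file": f.group(3),
                           "line": int(f.group(4)) if f.group(4) else None})
    # Key on frames that carry source lines (the project's code), not libc/startup frames.
    own = [fr["func"] for fr in frames if fr["file"]]
    return {"kind": kind, "address": addr,
            "null_deref": kind == "SEGV" and addr < NULL_PAGE,
            "frames": frames,
            "key": kind + ":" + ">".join(own[:3])}


if __name__ == "__main__":
    r = parse_asan(SAMPLE)
    print(r["key"], "null_deref=%s" % r["null_deref"])
```
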