New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
stack-overflow on ass_parse.c:77 mystrcmp #423
Comments
|
Thanks for taking your time to fuzz libass. Incidentially |
|
Ok, I've tested the file from the RAR archive with master and 0.14.0. In both cases I couldn't reproduce any overflows or similar. Can you provide exact steps how to reproduce this? Which program consumes the sample file? Which OS, libc and CPU architecture? Which exact version of libass is being used? |
|
Unless the OP posted a wrong stack trace by accident, I’m pretty sure this is the same as #422 and is long fixed in master. It’s great to have more people fuzz libass, but please run your tests against master! |
Description
A vulnerability was found in function mystrcmp in ass_parse.c:77 ,which allow attackers to cause a denial of service or remote code execution via a crafted file.
The text was updated successfully, but these errors were encountered: