libgd gd2togif double free #208
The libgd gd2togif tool has a double free vulnerability when parsing a gd2 file that has erroneous header info, which can cause a DoS or possibly code execution.
Modify poc.gd2 to trigger the crash:
Use valgrind to locate the vulnerable code behind the double free:
i think your analysis is slightly off -- the first free is inside of
the bugfix is easy, but have to spend a little time writing a test.
Sorry, you are right, I have modified it:
==30824== Invalid free() / delete / delete[] / realloc()
i doubt a CVE makes sense in this case. it's only a double free ... there is no other memory corruption or use of the pointer/memory. you'll need to prove things a bit more than "random tool's generalizations say it's exploitable".
the best you'd get is a remote DoS on a process that handles arbitrary user input.