We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There is a SEGV in util/decompile.c:1651 at libming HEAD (a89a619). A crafted input will lead to denial of service attack.
Steps to Reproduce:
#./swftocxx POC_C6 /dev/null
POC File: https://github.com/puppet-meteor/swftocxx_POC/blob/master/POC_C6
Information from addresssanitizer:
ASAN:SIGSEGV ================================================================= ==61803==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f9302c2c05a bp 0x7fff581dbce0 sp 0x7fff581db470 T0) #0 0x7f9302c2c059 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x47059) #1 0x4168f2 in decompileSTOREREGISTER /home/puppet/target/libming-2018-10-25/util/decompile.c:1651 #2 0x41f074 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3321 #3 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #4 0x41bdd7 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2701 #5 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #6 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #7 0x41c29f in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2742 #8 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #9 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #10 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #11 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #12 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #13 0x41d793 in decompileDEFINEFUNCTION /home/puppet/target/libming-2018-10-25/util/decompile.c:2883 #14 0x41f16a in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3351 #15 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #16 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #17 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #18 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #19 0x41c29f in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2742 #20 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #21 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #22 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #23 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #24 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #25 0x41d793 in decompileDEFINEFUNCTION /home/puppet/target/libming-2018-10-25/util/decompile.c:2883 #26 0x41f16a in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3351 #27 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #28 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #29 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #30 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #31 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #32 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #33 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #34 0x41c29f in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2742 #35 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #36 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #37 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #38 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #39 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #40 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #41 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #42 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #43 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #44 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #45 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #46 0x41c29f in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2742 #47 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #48 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #49 0x41c0e0 in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2725 #50 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #51 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #52 0x41c29f in decompileTRY /home/puppet/target/libming-2018-10-25/util/decompile.c:2742 #53 0x41f4f8 in decompileAction /home/puppet/target/libming-2018-10-25/util/decompile.c:3477 #54 0x41f56d in decompileActions /home/puppet/target/libming-2018-10-25/util/decompile.c:3494 #55 0x41f6a3 in decompile5Action /home/puppet/target/libming-2018-10-25/util/decompile.c:3517 #56 0x40bd32 in outputSWF_DOACTION /home/puppet/target/libming-2018-10-25/util/outputscript.c:1551 #57 0x40e361 in outputBlock /home/puppet/target/libming-2018-10-25/util/outputscript.c:2083 #58 0x40f3b7 in readMovie /home/puppet/target/libming-2018-10-25/util/main.c:281 #59 0x40faec in main /home/puppet/target/libming-2018-10-25/util/main.c:354 #60 0x7f930201682f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #61 0x401b88 in _start (/usr/local/bin/swftocxx+0x401b88) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV ??:0 ?? ==61803==ABORTING
found by puppet@zju.edu.cn from NESA Lab in Zhejiang University.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
There is a SEGV in util/decompile.c:1651 at libming HEAD (a89a619). A crafted input will lead to denial of service attack.
Steps to Reproduce:
#./swftocxx POC_C6 /dev/null
POC File: https://github.com/puppet-meteor/swftocxx_POC/blob/master/POC_C6
Information from addresssanitizer:
found by puppet@zju.edu.cn from NESA Lab in Zhejiang University.
The text was updated successfully, but these errors were encountered: