Join GitHub today
CVE-2017-14731: ofxdump heap-buffer-overflow /usr/include/c++/4.9/bits/char_traits.h:263 std::char_traits<char>::length(char const*) #10
Fuzzed with: afl-2.49, afl-utils
You can create the reproducer with:
And run it with ofxdump:
added a commit
Oct 28, 2017
On my system the input file doesn't run into problems, neither with plain starting nor with valgrind. This is from git, c426e22 (released as version 0.9.12). I've committed fad8418 which should avoid some of the problems, but since I can't reproduce orgiinally, I also don't know whether this fixed anything.