Hello, I found a bug in dwg2dxf.
compile with ASAN
```
export CFLAGS="-fsanitize=address -g"
export CXXFLAGS="-fsanitize=address -g"
./autogen.sh && ./configure --disable-shared && make -j$(nproc)
```
```
root@535d9a1d505e:/# ./programs/dwg2dxf /dwg_poc1
Reading DWG file /dwg_poc1_trim
ERROR: Header CRC mismatch 3030 <=> 9E42
Warning: Fixup illegal Header Length
ERROR: bit_read_BD: unexpected 2-bit code: '11'
ERROR: Invalid BD unit2_ratio
Warning: Header Section[48] CRC mismatch 3030 <=> 5E4D
ERROR: Invalid size 808464432, should be: 298, endpos: 12640
ERROR: Invalid object type 49344, only 0 classes
ERROR: Invalid class index 48844 >= 0
ERROR: MS size overflow @18446744073668669582
ERROR: MS size overflow @18446744073668669582
ERROR: MS size overflow @18446744073668669600
ERROR: MS size overflow @18446744073668669770
ERROR: MS size overflow @18446744073668669818
ERROR: MS size overflow @18446744073668669866
ERROR: MS size overflow @18446744073668669914
ERROR: MS size overflow @18446744073668669962
ERROR: MS size overflow @18446744073668670010
ERROR: MS size overflow @18446744073668670058
ERROR: MS size overflow @18446744073668670106
ERROR: MS size overflow @18446744073668670154
ERROR: MS size overflow @18446744073668670202
ERROR: MS size overflow @18446744073668670250
ERROR: MS size overflow @18446744073668670298
ERROR: MS size overflow @18446744073668670346
ERROR: MS size overflow @18446744073668670394
ERROR: MS size overflow @18446744073668670442
ERROR: MS size overflow @18446744073668670490
ERROR: bit_read_RC buffer overflow at 21600.0 >= 21600
ERROR: MS size overflow @18446744073668670490
ERROR: bit_read_RC buffer overflow at 21600.0 >= 21600
ERROR: bit_read_RC buffer overflow at 21600.0 >= 21600
Warning: handleoff 0x0 looks wrong, max_handles 60 - last_handle 0 = 60 (@21600)
ERROR: bit_read_RC buffer overflow at 21600.0 >= 21600
ERROR: bit_read_RS buffer overflow at 21600.0 >= 21600
ERROR: AddressSanitizer:DEADLYSIGNAL
=================================================================
==167486==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x55fb6333b255 bp 0x7ffe08a3e710 sp 0x7ffe08a3e4a0 T0)
==167486==The signal is caused by a READ memory access.
==167486==Hint: address points to the zero page.
    #0 0x55fb6333b254 in secondheader_private /benchmark_vuln/source/vuln/libredwg/src/2ndheader.spec:42
    #1 0x55fb633182a0 in decode_R13_R2000 /benchmark_vuln/source/vuln/libredwg/src/decode.c:937
    #2 0x55fb632fee27 in dwg_decode /benchmark_vuln/source/vuln/libredwg/src/decode.c:232
    #3 0x55fb632c6369 in dwg_read_file /benchmark_vuln/source/vuln/libredwg/src/dwg.c:268
    #4 0x55fb632c3ed8 in main /benchmark_vuln/source/vuln/libredwg/programs/dwg2dxf.c:261
    #5 0x7fd5a1e00082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
    #6 0x55fb632c2d6d in _start (/benchmark_vuln/source/vuln/libredwg/programs/dwg2dxf+0x25cd6d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /benchmark_vuln/source/vuln/libredwg/src/2ndheader.spec:42 in secondheader_private
==167486==ABORTING
```
poc.zip
not dxf related, in dwgread already. a simple NULL deref
fix 2ndheader logging null-deref
10c79fd
Fixes fuzz GH #890
835411a
rurban
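The triage reasoning in this thread (fault address in the zero page, crash site in the decoder rather than in the DXF front end) can be automated when bucketing fuzz crashes. The following is an added example, not part of the issue or of LibreDWG; the `triage` function, its field names and the 4 KiB page-size threshold are assumptions, and the input is an excerpt of the ASAN report quoted above.

```python
import re

# Excerpt of the ASAN report quoted in the issue above (header and frames #0-#4).
REPORT = """\
==167486==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x55fb6333b255 bp 0x7ffe08a3e710 sp 0x7ffe08a3e4a0 T0)
==167486==The signal is caused by a READ memory access.
    #0 0x55fb6333b254 in secondheader_private /benchmark_vuln/source/vuln/libredwg/src/2ndheader.spec:42
    #1 0x55fb633182a0 in decode_R13_R2000 /benchmark_vuln/source/vuln/libredwg/src/decode.c:937
    #2 0x55fb632fee27 in dwg_decode /benchmark_vuln/source/vuln/libredwg/src/decode.c:232
    #3 0x55fb632c6369 in dwg_read_file /benchmark_vuln/source/vuln/libredwg/src/dwg.c:268
    #4 0x55fb632c3ed8 in main /benchmark_vuln/source/vuln/libredwg/programs/dwg2dxf.c:261
"""

HEAD = re.compile(r"AddressSanitizer: (\S+) on unknown address (0x[0-9a-f]+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
FRAME = re.compile(r"#(\d+) 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)")
PAGE_SIZE = 4096  # assumption: 4 KiB pages, used as the "zero page" threshold


def triage(report):
    """Summarise an ASAN SEGV report for crash bucketing; None if no SEGV header."""
    head = HEAD.search(report)
    if head is None:
        return None
    access = ACCESS.search(report)
    addr = int(head[2], 16)
    # Symbolised frames only: (function, source path, line number).
    frames = [(m[2], m[3], int(m[4])) for m in FRAME.finditer(report)]
    func, path, line = frames[0] if frames else ("?", "?", 0)
    return {
        "signal": head[1],
        "access": access[1] if access else "UNKNOWN",
        "address": addr,
        # A fault inside the first page is a NULL pointer plus a small field offset.
        "null_deref": addr < PAGE_SIZE,
        # Bucket on the crash site, not on ASLR-dependent pc values or the calling tool.
        "bucket": "%s:%s:%d" % (func, path.rsplit("/", 1)[-1], line),
        # Top frame outside programs/ means the fault is in the library itself.
        "in_library": path != "?" and "/programs/" not in path,
        "call_path": [f[0] for f in frames],
    }


if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(key, "=", value)
```

Because the bucket key is built from the top library frame, the same crash reached through any front end that calls `dwg_read_file` lands in one bucket.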