Closed
Description
This bug report was migrated from our old Bugzilla tracker.
These attachments are available in the static archive:
Reported in version: 2.0.4
Reported for operating system, platform: Linux, x86_64
Comments on the original bug report:
On 2019-05-05 03:00:32 +0000, pwd wrote:
Created attachment 3774
poc
IMG_LoadPCX_RW@IMG_pcx.c:178-24___SEGV_UNKNOW

description
An issue was discovered in libsdl2 2.0.9 with SDL2_image-2.0.4. There is a null-pointer-dereference in function IMG_LoadPCX_RW at IMG_pcx.c:178-24

commandline
loadtif @@

source
    174                     }
    175                 } else
    176                     count = 1;
    177             }
    > 178             dst[i] = ch;
    179             count--;
    180         }
    181     }
    182
    183     if(src_bits <= 4) {

    // loadtif.c
    // #include <stdio.h>
    // #include <SDL.h>
    // #include <SDL_image.h>
    //
    // int main(int argc, char * argv[]){
    //     IMG_Init(IMG_INIT_TIF);//IMG_INIT_JPG);IMG_INIT_PNG
    //     while(__AFL_LOOP(1000)){
    //         SDL_Surface * image = IMG_Load(argv[1]);
    //         if (image){
    //             SDL_FreeSurface(image);
    //         }
    //     }
    //     IMG_Quit();
    // }

bug report
    ASAN:DEADLYSIGNAL
    =================================================================
    ==13991==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fd7bb11fabf bp 0x7ffe60cd2650 sp 0x7ffe60cd23e0 T0)
        #0 0x7fd7bb11fabe in IMG_LoadPCX_RW /src/SDL2_image-2.0.4/IMG_pcx.c:178:24
        #1 0x7fd7bb10e9bd in IMG_LoadTyped_RW /src/SDL2_image-2.0.4/IMG.c:195:17
        #2 0x7fd7bb10df41 in IMG_Load /src/SDL2_image-2.0.4/IMG.c:136:12
        #3 0x4ea0f0 in main /src/loadtif.c:8:37
        #4 0x7fd7b9c1482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
        #5 0x4189e8 in _start (/src/aflbuild/installed/bin/loadtif+0x4189e8)

    AddressSanitizer can not provide additional info.
    SUMMARY: AddressSanitizer: SEGV /src/SDL2_image-2.0.4/IMG_pcx.c:178:24 in IMG_LoadPCX_RW
    ==13991==ABORTING

others
from fuzz project pwd-libsdl2-loadtif-00
crash name pwd-libsdl2-loadtif-00-00000004-20190419.tif
Auto-generated by pyspider at 2019-04-19 00:07:04
On 2019-06-10 22:26:56 +0000, Sam Lantinga wrote:
Fixed, thanks!
https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb