Describe the bug
An unitialized variable is used in function wav_format_write. The highest threat from this vulnerability is to data confidentiality.
The unitialized variable format is copied to the stream pointed by f variable, as illustrated below.
Uninitialized bytes in __interceptor_fwrite at offset 0 inside [0x7ffed0df95e8, 16)
==273091==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x2ca7dc in wav_chunk_write /dataZ/Part_2/libwav_example/libwav/tools/wav_gain/../../libwav.c
#1 0x2cb559 in wav_write /dataZ/Part_2/libwav_example/libwav/tools/wav_gain/../../libwav.c:217:2
#2 0x2cb559 in gain_file /dataZ/Part_2/libwav_example/libwav/tools/wav_gain/wav_gain.c:28:6
#3 0x2cb559 in main /dataZ/Part_2/libwav_example/libwav/tools/wav_gain/wav_gain.c:43:3
#4 0x7f6b850e10b2 in __libc_start_main /build/glibc-sMfBJT/glibc-2.31/csu/../csu/libc-start.c:308:16
#5 0x24b43d in _start (/dataZ/Part_2/libwav_example/libwav/Fuzzing/wav_gain+0x24b43d)
SUMMARY: MemorySanitizer: use-of-uninitialized-value /dataZ/Part_2/libwav_example/libwav/tools/wav_gain/../../libwav.c in wav_chunk_write
Note, wav_chunk_write function calls wav_format_write, where it's the bug at.
The text was updated successfully, but these errors were encountered:
tin-z
changed the title
Use of uninitialized value in function wav_format_write in libwav.c
[Bug] Use of uninitialized value in function wav_format_write in libwav.c
Mar 28, 2022
Describe the bug
An unitialized variable is used in function wav_format_write. The highest threat from this vulnerability is to data confidentiality.
The unitialized variable
formatis copied to the stream pointed byfvariable, as illustrated below.libwav/libwav.c
Lines 52 to 64 in 5cc8746
System info
Steps to reproduce the behavior
./wav_gain POC /dev/nullpoc
https://github.com/tin-z/Stuff_and_POCs/blob/main/poc_libwav/POC
Output
The text was updated successfully, but these errors were encountered: