jasper-1.900.29 Heap Buffer Overflow vulnerabilities due to some programming mistake #93
I have found a Heap Buffer Overflow vulnerability in jasper-1.900.29. The vulnerability exists in code responsible for decoding the input image to a JP2 file. The vulnerability is a Heap Buffer Overflow vulnerability which can cause an Out-of-Bounds write due to a programming mistake (i.e. a mistake when setting the size of a memory allocation). The vulnerability can cause Denial-of-Service and may cause Remote-Code-Execution.
Analysis and PoC
The detailed analysis report and PoC file can be found in the attachment. In order to avoid disclosing it before the release of a patch, I have encrypted the zip file. Developers can communicate with me to get the password.
I have also reported this to RedHat Security Team.
Thank you for your bug report. Your assessment of the problem was correct. There was a second place in the code with a similar problem. So, I fixed it as well. This second problem may have been benign, but I changed it in any case, just to be safe. See commit 4a59cfa.