Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Assertion failure happens in bitstrm.cpp because of an incorrect integer cast #10540

Closed
Epeius opened this issue Jan 7, 2018 · 1 comment · Fixed by #10563
Closed

Assertion failure happens in bitstrm.cpp because of an incorrect integer cast #10540

Epeius opened this issue Jan 7, 2018 · 1 comment · Fixed by #10563

Comments

@Epeius
Copy link

Epeius commented Jan 7, 2018

System information (version)

- OpenCV 3.3.1
- Operating System / Platform => Ubuntu 16.04
- Compiler => clang++
- Compiled-executable: 32bits

Detailed description

An assertion failure is triggered when parsing crafted image file in function cv::RBaseStream::setPos in file bitstrm.cpp:168. This Assertion failure happens because an incorrect cast from a 64-bit integer to 32-bit integer.

The crash details as follows:

=================================================================

opencv_afl-test: /home/opencv/fuzz/target/opencv-3.3.1/modules/imgcodecs/src/bitstrm.cpp:168: void cv::RBaseStream::setPos(int): Assertion `isOpened() && pos >= 0' failed.
Aborted (core dumped)

=================================================================

Steps to reproduce

Please refer to the following url for the testcases:
https://github.com/Epeius/NBPOC/tree/master/setPos_assertion_fail

@carnil
Copy link

carnil commented Jan 8, 2018

This issue was assigned CVE-2018-5269

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging a pull request may close this issue.

4 participants