New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Heap buffer overflow in exfatfsck in verify_vbr_checksum() #5
Comments
|
Fixed this in 2e86ae5. Thanks for reporting! |
|
Hi, I think this is not fully fixed. Just tested (same input file), it changes the error message, so I think there is another very similar issue at a later point in the code: |
As far as I can see the error message is the same: |
|
Sorry for the noise, you're right. I just took the latest git master code and didn't notice that this was a branch. Fix seems to work. |
|
Great! Thanks for testing. I'll close this issue after I make a release. |
This input file can trigger a heap overflow in exfatfsck:
https://crashes.fuzzing-project.org/exfatfsck-heap-overflow-write-verify_vbr_checksum
This was found while fuzzing with the tool american fuzzy lop.
Here is the stack trace from address sanitizer:
The text was updated successfully, but these errors were encountered: