AddressSanitizer: heap-buffer-overflow in jfif_load() at jfif.c:187 #12
Comments
Hi, I tested it with commit b3039ae, but there still exist some buffer overflows in jfif.c:195, jfif.c:216, jfif.c:228 and jfif.c:231. Here are the POCs and ASan log:
please test commit 6bc54ed
Hi, I tested it with commit 6bc54ed and AddressSanitizer still reports heap-buffer-overflow in jfif.c:216 and jfif.c:231, which is caused by
To use AddressSanitizer you can compile the program with cmd
Cheers
Do test cases 16 & 25 pass your testing? I don't have the test environment, can you tell me how to install AddressSanitizer?
Hi,
Yes, 26 & 29 still fail while 16 & 25 pass.
AddressSanitizer has been part of gcc since gcc-4.8,
Cheers
please test commit d003dd6
please test commit 58b6f94
Hi, I tested commit 58b6f94. Since there are no more ASan reports, I think this series of heap-overflow problems is fixed now. Cheers!
Test Environment
Ubuntu 14.04, 64-bit, ffjpeg (master 627c8a9)
How to trigger
$ ./ffjpeg -d $POC
POC file
https://github.com/Marsman1996/pocs/blob/master/ffjpeg/poc22-jfif_load-heapoverflow
Details
Asan report
GDB report
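Added example, not ffjpeg's code and not the fix shipped in the commits above. The thread names several lines in jfif.c but does not show them, so this example assumes the usual cause of this class of ASan report: a segment length read from the file and used to read past the end of the loaded buffer. The walker below steps over JPEG/JFIF marker segments and checks every 2-byte length against the bytes actually remaining before it touches the segment body. The sample inputs are constructed for the example, not the POC file linked above.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Marker codes from the JPEG standard (the byte after 0xFF). */
#define JPEG_TEM  0x01
#define JPEG_SOI  0xD8
#define JPEG_EOI  0xD9
#define JPEG_SOS  0xDA
#define JPEG_APP0 0xE0

/* Walk the marker segments of a JPEG/JFIF file held in memory.
 * Returns the number of length-carrying segments parsed, or -1 if the
 * buffer is malformed or truncated. Every read is bounded by `len`. */
int jfif_walk_segments(const uint8_t *buf, size_t len)
{
    size_t pos;
    int nseg = 0;

    /* Every file starts with SOI (FF D8); reject anything shorter. */
    if (len < 2 || buf[0] != 0xFF || buf[1] != JPEG_SOI)
        return -1;
    pos = 2;

    for (;;) {
        uint8_t marker;
        uint16_t seglen;

        /* A marker is 0xFF followed by a non-zero code; extra 0xFF fill
         * bytes may precede the code. Never step past `len` while skipping. */
        if (pos >= len || buf[pos] != 0xFF)
            return -1;
        while (pos < len && buf[pos] == 0xFF)
            pos++;
        if (pos >= len)
            return -1;
        marker = buf[pos++];
        if (marker == 0x00)          /* stuffed byte outside scan data */
            return -1;

        if (marker == JPEG_EOI)      /* clean end of image */
            return nseg;

        /* Markers with no length field: TEM and RST0..RST7. */
        if (marker == JPEG_TEM || (marker >= 0xD0 && marker <= 0xD7))
            continue;

        /* The length field counts itself, so it must be at least 2, and the
         * whole segment must fit inside what is left of the buffer. This is
         * the check that turns a would-be heap-buffer-overflow into an error. */
        if (len - pos < 2)
            return -1;
        seglen = (uint16_t)((buf[pos] << 8) | buf[pos + 1]);
        if (seglen < 2 || seglen > len - pos)
            return -1;

        if (marker == JPEG_APP0) {
            /* Body is seglen - 2 bytes; only compare the "JFIF\0"
             * identifier once we know those 5 bytes are really present. */
            const uint8_t *body = buf + pos + 2;
            size_t bodylen = seglen - 2;
            if (bodylen < 5 || memcmp(body, "JFIF", 5) != 0)
                return -1;
        }

        pos += seglen;
        nseg++;

        /* After SOS the entropy-coded scan follows; decoding it is out of
         * scope for this example, so stop here. */
        if (marker == JPEG_SOS)
            return nseg;
    }
}

/* Constructed sample inputs (assumptions for the example, not real POCs). */
static const uint8_t good_jfif[] = {
    0xFF, 0xD8,                          /* SOI */
    0xFF, 0xE0, 0x00, 0x10,              /* APP0, length 16 */
    'J', 'F', 'I', 'F', 0x00,            /* identifier */
    0x01, 0x01, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00,
    0xFF, 0xD9                           /* EOI */
};
static const uint8_t truncated_jfif[] = {
    0xFF, 0xD8,
    0xFF, 0xE0, 0x00, 0x10,              /* claims 16 bytes ... */
    'J', 'F', 'I', 'F', 0x00             /* ... but only 5 follow */
};
static const uint8_t bad_length[] = {
    0xFF, 0xD8, 0xFF, 0xE0, 0x00, 0x01   /* length 1 cannot cover itself */
};

int main(void)
{
    printf("good:      %d\n", jfif_walk_segments(good_jfif, sizeof good_jfif));
    printf("truncated: %d\n", jfif_walk_segments(truncated_jfif, sizeof truncated_jfif));
    printf("badlen:    %d\n", jfif_walk_segments(bad_length, sizeof bad_length));
    return 0;
}
```

Building this with gcc -fsanitize=address -g and feeding it the truncated sample exercises the same path the POC above hits in a loader that trusts the length field; here the check returns -1 instead of reading beyond the array, so ASan stays quiet.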