Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEGV in mat5.c:4983 #121

Closed
strongcourage opened this issue Jul 27, 2019 · 2 comments
Closed

SEGV in mat5.c:4983 #121

strongcourage opened this issue Jul 27, 2019 · 2 comments

Comments

@strongcourage
Copy link

Hi,
I found a crash in mat5.c:4983 (the latest commit bcf0447 on master).
PoC: https://github.com/strongcourage/PoCs/blob/master/matio_bcf0447/PoC_segv_Mat_VarReadNextInfo5
Command: matdump $PoC
ASAN says:

==17186==ERROR: AddressSanitizer: SEGV on unknown address 0x60210000efcf (pc 0x7ff5bd4a42ce bp 0x7ffd873b9460 sp 0x7ffd873b9230 T0)
    #0 0x7ff5bd4a42cd in Mat_VarReadNextInfo5 ../../src/mat5.c:4983
    #1 0x7ff5bd4b8c57 in Mat_VarReadNextInfo ../../src/mat.c:2311
    #2 0x408122 in main ../../tools/matdump.c:942
    #3 0x7ff5bcc9a82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #4 0x401b78 in _start (/home/dungnguyen/PoCs/matio_bcf0447/.libs/lt-matdump+0x401b78)

Thanks,
Manh Dung

tbeu added a commit that referenced this issue Jul 29, 2019
@tbeu tbeu closed this as completed Jul 29, 2019
@fgeek
Copy link

fgeek commented Jul 26, 2021

CVE-2020-19497 has been assigned for this issue.

tbeu added a commit that referenced this issue Jul 26, 2021
@tbeu
Copy link
Owner

tbeu commented Jul 26, 2021

Release notes have been updated accordingly.

tbeu added a commit that referenced this issue Sep 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants