New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There is a stack-based buffer overflow in the ReadNextStructField function of mat5.c(at 1393) #128
Comments
|
No need to report fuzzing issues since matio is on OSS-Fuzz with still about 40 open issues. Instead of v1.5.17, please rerun the test against current master and reopen if the issue is still reproducible. |
Yes, I just use 'git clone' to fetch the current master of the matio,the issue is still reproducible.
|
|
Should be fixed now. |
|
CVE-2019-20020 has been assigned for this issue. |
|
OK, need to mention those CVE numbers in the changelog when making the new release. |


A crafted input will lead to crash in mat5.c at matio 1.5.17.
Triggered by
./matdump POC
Poc
002-stackover-ReadNextStructField-mat51393
The ASAN information is as follows:
about code (1393):
The text was updated successfully, but these errors were encountered: