[CVE-2016-10506] division-by-zero in function opj_pi_next_pcrl of pi.c (line 447) #778

Closed
trylab opened this issue May 6, 2016 · 1 comment

Comments

@trylab
Contributor

trylab commented May 6, 2016

Title

division-by-zero in function opj_pi_next_pcrl of pi.c (line 447)

Testing Environment

Ubuntu + OpenJPEG (GitHub master, 2016/05/06)

Exception Information

Program received signal SIGFPE, Arithmetic exception.
0xb698af0c in opj_pi_next_pcrl (pi=0xb4603d80) at 
    /home/trylab/Desktop/repo/openjpeg/src/lib/openjp2/pi.c:447
447 if (!((pi->x % (OPJ_INT32)(comp->dx << rpx) == 0) || 
        ((pi->x == pi->tx0) && ((trx0 << levelno) % (1 << rpx))))){

PoC

https://raw.githubusercontent.com/trylab/PoCs/master/openjpeg/SIGFPE_opj_pi_next_pcrl@447/poc.j2k

Credit

Ke Liu of Tencent's Xuanwu LAB

@rouault
Collaborator

rouault commented Jul 26, 2017

Fixed per d27ccf0

@rouault rouault closed this as completed Jul 26, 2017
@trylab trylab changed the title division-by-zero in function opj_pi_next_pcrl of pi.c (line 447) [CVE-2016-10506] division-by-zero in function opj_pi_next_pcrl of pi.c (line 447) Aug 30, 2017
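
Added example (not OpenJPEG's code and not the change in d27ccf0): the modulus operand on line 447, `(OPJ_INT32)(comp->dx << rpx)`, becomes zero when the shift pushes every set bit of `dx` out of 32 bits, and `%` by zero raises SIGFPE. The helper names are hypothetical, and treating `dx` and `rpx` as unsigned 32-bit values is an assumption; the guard rejects a step that is zero, truncated, or negative after the cast, before the `%` is evaluated.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: compute the step dx << rpx that line 447 uses as the
 * divisor. Returns 1 and stores the step when it is a usable divisor,
 * 0 when using it would be undefined or would divide by zero. */
static int precinct_step(uint32_t dx, uint32_t rpx, int32_t *step)
{
    uint32_t shifted;

    if (dx == 0 || rpx >= 31)           /* zero divisor, or shift reaches the sign bit / width */
        return 0;
    shifted = dx << rpx;
    if ((shifted >> rpx) != dx)         /* set bits were shifted out: value was truncated */
        return 0;
    if (shifted > (uint32_t)INT32_MAX)  /* the signed cast would turn it negative */
        return 0;
    *step = (int32_t)shifted;
    return 1;
}

/* Guarded form of the first test on line 447: x % (int32)(dx << rpx) == 0.
 * Returns 1 if aligned, 0 if not aligned, -1 if the parameters are rejected. */
static int x_is_precinct_aligned(int32_t x, uint32_t dx, uint32_t rpx)
{
    int32_t step;

    if (!precinct_step(dx, rpx, &step))
        return -1;
    return (x % step) == 0;
}

int main(void)
{
    /* Constructed sample values, not taken from the PoC file. */
    printf("dx=1       rpx=15 x=65536 -> %d\n", x_is_precinct_aligned(65536, 1, 15));
    printf("dx=1       rpx=15 x=100   -> %d\n", x_is_precinct_aligned(100, 1, 15));
    /* 0x10000 << 16 truncates to 0 in 32 bits: the unguarded % would trap. */
    printf("dx=0x10000 rpx=16 x=0     -> %d\n", x_is_precinct_aligned(0, 0x10000u, 16));
    printf("dx=2       rpx=31 x=0     -> %d\n", x_is_precinct_aligned(0, 2, 31));
    return 0;
}
```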