oss-sec mailing list archives
Re: Buffer overflow in antiword 0.37
From: Fabian Keil <freebsd-listen () fabiankeil de>
Date: Thu, 4 Dec 2014 16:41:31 +0100
Fabian Keil <freebsd-listen () fabiankeil de> wrote:
The attached patch prevents a buffer overflow in antiword 0.37 (http://www.winfield.demon.nl/):
[...]
The buffer overflow has been reported upstream and the patch was accepted, but apparently there will not be an official antiword release any time soon. The bug was found with afl-fuzz.
Apparently zzuf found it first, though: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771768 Fabian
Attachment:
_bin
Description: OpenPGP digital signature
Current thread:
- Buffer overflow in antiword 0.37 Fabian Keil (Dec 01)
- Re: Buffer overflow in antiword 0.37 Murray McAllister (Dec 01)
- Re: Buffer overflow in antiword 0.37 Fabian Keil (Dec 04)