Re: Multiple memory corruption vulnerabilities in SoX 14.4.2

[Solar Designer <solar () openwall com>]

On Wed, Jul 22, 2015 at 07:55:42PM +0200, Michele Spagnuolo wrote:
> I would like to report publicly new memory corruption vulnerabilities in
> the latest SoX, 14.4.2 - these have been reported in April 2015 through
> oCERT, but they have notified me they still haven't received a response
> from upstream.
>
> Please see this shared folder, visible to anybody with the link:
> https://drive.google.com/folderview?id=0B52EFul-UCEIflZhcjlrRGlqcWdER2xJZWR4dmVUQ1RaRGl6a09sbVdGYjg2MER6OHl3aUU&usp=sharing
>
> The write heap buffer overflows are related to ADPCM handling in WAV files,
> while the read heap buffer overflow is while opening a .VOC.
>
> For each crash, you have the input file and a .txt with the ASAN output.

I'm not happy about use of external resources like Google Drive or
pastebin for crucial detail.  With Google Drive gone in some years from
now, your message would make little sense.  I understand that the .voc
file was a bit too large for attaching, and I dislike binary attachments
anyway, but at least I've attached the text files with ASAN backtraces,
as text/plain MIME type.  Ideally, you'd have proper analysis and even
smaller testcases rather than just this, but I understand that people's
time is limited.  So whatever we have... but at least we should have it
archived in here.

Alexander

Attachment: asan_heap-oob_53faf1_785_GOTTASAY.txt
Description:

Attachment: asan_heap-oob_73793c_6614_test_ima_adpcm.txt
Description:

Attachment: asan_heap-oob_7391b4_8427_wav_ms_adpcm.txt
Description: