oss-sec mailing list archives
Re: Heapoverflow in giflib5.1.4
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 13 Sep 2016 18:55:08 +0200
Hi, On Tue, 13 Sep 2016 23:20:08 +0800 "vul@724safe" <vul () 724safe com> wrote:
With Address Sanitizer there is aa heap overflow in giflib 5.1.4 More details are available at: https://sourceforge.net/p/giflib/bugs/102/
Two notes: * This is a bug *only* in the gif2rgb command line tool, not in giflib itself. * I reported this before. The giflib maintainer claimed multiple times that he has fixed it, yet he hasn't. See: https://sourceforge.net/p/giflib/bugs/79/ -- Hanno Böck https://hboeck.de/ mail/jabber: hanno () hboeck de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Attachment:
_bin
Description: OpenPGP digital signature
Current thread:
- Heapoverflow in giflib5.1.4 vul (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Hanno Böck (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Seth Arnold (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Hanno Böck (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Seth Arnold (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Seth Arnold (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Hanno Böck (Sep 13)
- Re: Heapoverflow in giflib5.1.4 Solar Designer (Sep 13)