oss-sec mailing list archives

wavpack: multiple out of bounds memory reads


From: Hanno Böck <hanno () hboeck de>
Date: Mon, 23 Jan 2017 19:38:03 +0100

Hi,

Fuzzing wavpack led to the discovery of several invalid memory reads.

global buffer overread in read_code / read_words.c
https://sourceforge.net/p/wavpack/mailman/message/35557889/

heap out of bounds read in WriteCaffHeader / caff.c
https://sourceforge.net/p/wavpack/mailman/message/35561921/

heap out of bounds read in unreorder_channels / wvunpack.c
https://sourceforge.net/p/wavpack/mailman/message/35561939/

heap oob read in read_new_config_info / open_utils.c
https://sourceforge.net/p/wavpack/mailman/message/35561939/


All of them have been fixed with a single commit:
https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

Wavpack 5.1.0 has been released and fixes all issues.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

