oss-sec mailing list archives
Re: audiofile: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp)
From: Solar Designer <solar () openwall com>
Date: Tue, 14 Mar 2017 23:00:26 +0100
On Sun, Feb 26, 2017 at 11:45:35AM +0000, Agostino Sarubbo wrote:
> ==6096==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a00001f708 at pc 0x0000004bbc35 bp 0x7ffd65dbabf0 sp 0x7ffd65dba3a0
> READ of size 33872 at 0x61a00001f708 thread T0
>     #0 0x4bbc34 in __asan_memcpy /tmp/portage/sys-devel/llvm-3.9.1/work/llvm-3.9.1.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:413
>     #1 0x7efec209d7df in MSADPCM::initializeCoefficients() /tmp/portage/media-libs/audiofile-0.3.6-r3/work/audiofile-0.3.6/libaudiofile/modules/MSADPCM.cpp:369:3
>     #2 0x7efec209d7df in MSADPCM::createDecompress(Track*, File*, bool, bool, long*)

Agostino asked the list moderators to post to this thread that the above is CVE-2017-6827.

Alexander

P.S. Next time I'd prefer another moderator to handle this sort of requests, if any, since I don't care about CVEs much. I mostly care about security issues getting brought to this list, which was already the case.