segment fault in apply_sao_internal when decoding file #234
According to Debian this is CVE-2020-21605
The poc is no longer triggering with the state in the master branch, as of today at
The tests were committed on Debian unstable, gcc (Debian 12.2.0-14) 12.2.
Methodology:
Starting point for all bisects was commit c43f2f8 (selected, as this is around the time where the CVEs were reported)
Bisecting is done using, so that git will report the first "good" commit.
Bisecting is done using the CMake build system, using
The pocs -- taken from the upstream issues (renamed for convenience, so that the link to the CVE/issue is in the filename)
CVE-2020-21605-issue234-apply_sao_internal-segment.crash
a3f1c6a is the first fixed commit
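A sketch of how a bisect for the first fixed commit can be scripted, as an added example that is not the commenter's own commands or part of the project. The script name `bisect-fix.sh`, the term names `broken`/`fixed`, the ASan exit status 99 and the 60-second timeout are assumptions; the starting commit and the `dec265 [infile]` invocation come from this page.

```shell
#!/bin/sh
# Added example: `git bisect run` helper for finding the first FIXED commit.
# Assumed invocation (constructed, not taken from the comment above):
#   git bisect start --term-old=broken --term-new=fixed
#   git bisect broken c43f2f8      # starting point named in the comment
#   git bisect fixed master
#   git bisect run sh bisect-fix.sh /path/to/poc.crash
# With these terms, exit 0 marks a commit "broken" (old), exit 1 marks it
# "fixed" (new), and exit 125 makes git skip a commit that cannot be judged.

ASAN_EXIT=99   # status we tell ASan to exit with when it reports an error

# Map the decoder's exit status to the exit code git bisect expects.
verdict() {
    if [ "$1" -eq 124 ]; then
        return 125                 # timeout(1) fired: a hang proves nothing
    elif [ "$1" -ge 128 ] || [ "$1" -eq "$ASAN_EXIT" ]; then
        return 0                   # killed by a signal or ASan report: broken
    fi
    return 1                       # clean exit or ordinary decode error: fixed
}

# Build the checked-out commit with CMake and ASan, then run the PoC once.
test_commit() {
    build=$(mktemp -d) || return 125
    if ! cmake -S . -B "$build" -DCMAKE_BUILD_TYPE=Debug \
            -DCMAKE_C_FLAGS=-fsanitize=address \
            -DCMAKE_CXX_FLAGS=-fsanitize=address >/dev/null 2>&1 ||
       ! cmake --build "$build" >/dev/null 2>&1; then
        rm -rf "$build"
        return 125                 # commit does not build: skip it
    fi
    dec=$(find "$build" -type f -name dec265 | head -n 1)
    if [ -z "$dec" ]; then rm -rf "$build"; return 125; fi
    status=0
    ASAN_OPTIONS="exitcode=$ASAN_EXIT:detect_leaks=0" \
        timeout 60 "$dec" "$1" >/dev/null 2>&1 || status=$?
    rm -rf "$build"
    verdict "$status"
}

# Run only when given a PoC path, so the file can also be sourced.
if [ "$#" -gt 0 ]; then
    test_commit "$1"
    exit $?
fi
```

The script never passes the decoder's raw status through, because `git bisect run` aborts the whole bisect on any exit code of 128 or above.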
Thanks @leonzhao7 and @coldtobi
segment fault in apply_sao_internal when decoding file
I found some problems during fuzzing
Test Version
dev version, git clone https://github.com/strukturag/libde265
Test Environment
root@ubuntu:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
root@ubuntu:~# uname -a
Linux ubuntu 4.15.0-45-generic #48~16.04.1-Ubuntu SMP Tue Jan 29 18:03:48 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Test Configure
./configure
configure: ---------------------------------------
configure: Building dec265 example: yes
configure: Building sherlock265 example: no
configure: Building encoder: yes
configure: ---------------------------------------
Test Program
dec265 [infile]
Asan Output
POC file
libde265-apply_sao_internal-segment.zip
password: leon.zhao.7
CREDIT
Zhao Liang, Huawei Weiran Labs