heap overflow in de265_image::available_zscan when decoding file #235
Comments
This was assigned CVE-2020-21599.
Apparently fixed in a3f1c6a.
The poc is no longer triggering with the state in the master branch, as of today at
The tests were committed on Debian unstable, gcc (Debian 12.2.0-14) 12.2.
Methodology:
Starting point for all bisects was commit c43f2f8 (selected, as this is around the time where the CVEs were reported)
Bisecting is done using, so that git will report the first "good" commit.
Bisecting is done using the CMake build system, using
The pocs -- taken from the upstream issues (renamed for convenience, so that the link to the CVE/issue is in the filename)
CVE-2020-21599-issue235-libde265-de265_image__available_zscan-heap_overflow.crash
a3f1c6a is the first fixed commit
git describe --contains a3f1c6a
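The bisect methodology in the comment above, sketched as an added example (not the commenter's or the project's commands, which did not survive on this page): a `git bisect run` helper that hunts for the first fixed commit instead of the first broken one. The swapped bisect terms, the ASan CMake flags, the build directory and the `dec265` binary path are assumptions.

```shell
#!/bin/sh
# Added example: `git bisect run` helper for finding the first FIXED commit.
# Assumed session (terms swapped so "new" means fixed):
#   git bisect start --term-old=crashing --term-new=fixed
#   git bisect crashing c43f2f8 && git bisect fixed master
#   git bisect run sh -c '. /path/to/this-file.sh; bisect_step /path/to/poc.crash'
# Build directory, ASan flags and dec265 path below are assumptions.

# verdict BUILD_STATUS POC_STATUS POC_LOG
# Returns the exit code `git bisect run` expects:
#   0 = "old" term (still crashing), 1 = "new" term (fixed), 125 = skip commit.
verdict() {
    build_status=$1
    poc_status=$2
    poc_log=$3
    # A commit that does not build cannot be judged either way.
    [ "$build_status" -eq 0 ] || return 125
    # An ASan report means the bug is still present at this commit.
    if grep -q 'ERROR: AddressSanitizer' "$poc_log"; then
        return 0
    fi
    # Timeout (124) or death by signal (>=128) without a report is ambiguous.
    if [ "$poc_status" -eq 124 ] || [ "$poc_status" -ge 128 ]; then
        return 125
    fi
    return 1
}

# bisect_step POC_FILE: rebuild the checked-out commit with ASan, run the PoC.
bisect_step() {
    poc=$1
    log=$(mktemp)
    poc_status=0
    rm -rf build
    if cmake -S . -B build -DCMAKE_BUILD_TYPE=Debug \
            -DCMAKE_C_FLAGS=-fsanitize=address \
            -DCMAKE_CXX_FLAGS=-fsanitize=address >/dev/null 2>&1 &&
       cmake --build build >/dev/null 2>&1; then
        build_status=0
        timeout 60 ./build/dec265/dec265 "$poc" >"$log" 2>&1 || poc_status=$?
    else
        build_status=1
    fi
    rc=0
    verdict "$build_status" "$poc_status" "$log" || rc=$?
    rm -f "$log"
    return "$rc"
}
```

Returning 125 for unbuildable or ambiguous commits keeps `git bisect run` from marking them either way, which matters when the range crosses build-system changes.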
Thanks @leonzhao7 and @coldtobi
heap overflow in de265_image::available_zscan when decoding file
I found some problems during fuzzing
Test Version
dev version, git clone https://github.com/strukturag/libde265
Test Environment
root@ubuntu:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
root@ubuntu:~# uname -a
Linux ubuntu 4.15.0-45-generic #48~16.04.1-Ubuntu SMP Tue Jan 29 18:03:48 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Test Configure
./configure
configure: ---------------------------------------
configure: Building dec265 example: yes
configure: Building sherlock265 example: no
configure: Building encoder: yes
configure: ---------------------------------------
Test Program
dec265 [infile]
Asan Output
POC file
libde265-de265_image__available_zscan-heap_overflow.zip
password: leon.zhao.7
CREDIT
Zhao Liang, Huawei Weiran Labs