stb) Latest (<= commit f056911) stbhw_build_tileset_from_image Out-of-Bounds Readinfo

Titel	Open Source STB Project (https://github.com/nothings/stb) Latest (<= commit f056911) stbhw_build_tileset_from_image Out-of-Bounds Read
Beschreibung	Out-of-Bounds read via user-controlled index. The variable `w` is supplied by the user and directly influences the arithmetic used to determine which element of `data` is read into the local `header` array. If `w` is set to an unexpected or small value, the computed index (`w3 - 1 - i`) can fall outside the bounds of the provided `data` buffer, resulting in an out-of-bounds read. STBHW_EXTERN int stbhw_build_tileset_from_image(stbhw_tileset ts, unsigned char data, int stride, int w, int h) { // ... unsigned char header[9]; // ... for (i = 0; i < 9; ++i) { // w is controlled by the user, affecting the read index: header[i] = data[w3 - 1 - i] ^ (i * 55); } // ... }
Benutzer	ninpwn (UID 82253)
Einreichung	27.03.2025 15:49 (vor 1 Jahr)
Moderieren	07.04.2025 12:56 (11 days later)
Status	Akzeptiert
VulDB Eintrag	303684 [Nothings stb bis f056911 Header Array stbhw_build_tileset_from_image w Information Disclosure]
Punkte	17

Might our Artificial Intelligence support you?

Check our Alexa App!