| 제목 | Tiff to PS conversion crashes due to incorrect memory size request in libtiff |
|---|
| 설명 | When converting A TIFF file to a PS file, a well-crafted TIFF can result in a mis-sized memory request. This can result in a local denial of service
OS:ubuntu 20.04
LIBTIFF, Version 4.3.0
Command: ./tiff2ps -2 -a Poc.tiff
POC Link : https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff
ASAN Report:
==1860246==ERROR: AddressSanitizer: allocator is out of memory trying to allocate 0x2000000000 bytes
#0 0x499d1d in __interceptor_malloc (/home/user/libtiff/tools/.libs/tiff2ps+0x499d1d)
#1 0x7ffff7a46193 in _init (/lib/x86_64-linux-gnu/libjbig.so.0+0x1193)
#2 (closed) 0x7ffff7db3407 (/home/user/libtiff/libtiff/.libs/libtiff.so.5+0x3407)
==1860246==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: out-of-memory (/home/user/libtiff/tools/.libs/tiff2ps+0x499d1d) in __interceptor_malloc
==1860246==ABORTING
See the link below for more information:
https://gitlab.com/libtiff/libtiff/-/issues/402
|
|---|
| 원천 | ⚠️ https://gitlab.com/libtiff/libtiff/-/issues/402 |
|---|
| 사용자 | patchkey (UID 25647) |
|---|
| 제출 | 2022. 04. 03. AM 08:48 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 04. 03. AM 09:00 (12 minutes later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 196363 [LibTIFF 4.3.0 tiff2ps 서비스 거부] |
|---|
| 포인트들 | 20 |
|---|