제출 #94974: imageinfo buffer overflow정보

제목imageinfo buffer overflow
설명imageinfo project has buffer overflow in the imageinfo.hpp file, attackers can crash software by constructing malicious files.In imageinfo.hpp 497 lines to 509 lines, this loop function didn't safety check offset value, Eventually overflow. The poc url is: https://github.com/10cksYiqiyinHangzhouTechnology/imageinfo_poc The project issue is: https://github.com/xiaozhuai/imageinfo/issues/1#issue-1600041028 Vulnerability function: ```cpp off_t offset = 0; // typedef long _off_t; off_t offset = 0; off_t end = metaLength; while (offset < end) { uint32_t boxSize = buffer.readU32BE(offset); // uint32_t readU32BE; if (buffer.cmpAnyOf(offset + 4, 4, {"iprp", "ipco"})) { end = offset + boxSize; offset += 8; } else if (buffer.cmp(offset + 4, 4, "ispe")) { width = buffer.readU32BE(offset + 12); height = buffer.readU32BE(offset + 16); return true; } else { offset += boxSize; } } ```
원천⚠️ https://github.com/10cksYiqiyinHangzhouTechnology/imageinfo_poc
사용자
 10cksYiqiyinHangzhouTechnology (UID 41666)
제출2023. 02. 26. PM 01:43 (3 연령 ago)
모더레이션2023. 03. 06. AM 08:17 (8 days later)
상태수락
VulDB 항목222362 [xiaozhuai imageinfo 까지 3.0.3 imageinfo.hpp 메모리 손상]
포인트들20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!