| Title | tinydng heap-buffer-overflow |
|---|
| Description | issues: https://github.com/syoyo/tinydng/issues/28
A heap-based buffer overflow was discovered in the tiny_dng_loader.h file of tinydng. The flaw allows an attacker to cause a denial of service (abort) via a crafted file.
AddressSanitizer: heap-buffer-overflow in __interceptor_memcpy
READ of size 6927 at 0x619000000430 thread T0
ASAN:
```
==3709290==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61c000000708 at pc 0x55555558e4c0 bp 0x7fffffff2f90 sp 0x7fffffff2f80
READ of size 1 at 0x61c000000708 thread T0
#0 0x55555558e4bf in stbi__get8 /home/ubuntu/Desktop/tinydng/stb_image.h:1557
#1 0x55555558e4bf in stbi__tga_load /home/ubuntu/Desktop/tinydng/stb_image.h:5797
#2 0x55555558e4bf in stbi__load_main /home/ubuntu/Desktop/tinydng/stb_image.h:1124
#3 0x55555558f624 in stbi__load_and_postprocess_8bit /home/ubuntu/Desktop/tinydng/stb_image.h:1203
#4 0x55555558fe00 in stbi_load_from_memory /home/ubuntu/Desktop/tinydng/stb_image.h:1373
#5 0x5555555b1007 in tinydng::LoadDNGFromMemory(char const*, unsigned int, std::vector<tinydng::FieldInfo, std::allocator<tinydng::FieldInfo> >&, std::vector<tinydng::DNGImage, std::allocator<tinydng::DNGImage> >*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*) /home/ubuntu/Desktop/tinydng/tiny_dng_loader.h:5478
#6 0x5555555ba586 in tinydng::LoadDNG(char const*, std::vector<tinydng::FieldInfo, std::allocator<tinydng::FieldInfo> >&, std::vector<tinydng::DNGImage, std::allocator<tinydng::DNGImage> >*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*) /home/ubuntu/Desktop/tinydng/tiny_dng_loader.h:4937
#7 0x5555555baf87 in main /home/ubuntu/Desktop/tinydng/test.cpp:33
#8 0x7ffff706b082 in __libc_start_main ../csu/libc-start.c:308
#9 0x55555555dd6d in _start (/home/ubuntu/Desktop/tinydng/asan_tinydng+0x9d6d)
``` |
|---|
| Source | ⚠️ https://github.com/10cksYiqiyinHangzhouTechnology/tinydngSecurityIssueReport1 |
|---|
| User | 10cksYiqiyinHangzhouTechnology (UID 41666) |
|---|
| Submission | 03/21/2023 01:30 (3 years ago) |
|---|
| Moderation | 03/22/2023 12:03 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 223562 [syoyo tinydng tiny_dng_loader.h __interceptor_memcpy heap-based overflow] |
|---|
| Points | 20 |
|---|