Overview:
I discovered a division-by-zero vulnerability in lame, which is caused by a mal-constructed input file, using American Fuzzy Lop.
Report and POC:
The detailed analysis report and PoC files can be found in the attachment. In order to avoid disclosing it before the release of a patch, I have encrypted the zip file. Developers can communicate with me to get the password.
Author
name: Shiyang Wang @ VARAS of IIE, Bingchang Liu @ VARAS of IIE
email: wangshiyang@iie.ac.cn
org: IIE (http://iie.ac.cn)
This bug has been assigned CVE-2017-11720.
Are you sure that is not a duplicate of this issue?
https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/
The password of the PoC file is $12a461oxxp1o$@autgnaw
Last edit: WangShiyang 2017-08-06
Thanks, it will be fixed in version 3.100.