Menu

#221 Out of bounds heap in HFS+ module

1.65
open
nobody
None
5
2016-02-09
2016-02-09
hangjun go
No

Regarding sleuthkit 4.2.0
hfs_load_extended_attrs() hfs.c When called from hfs_make_catalog() attributeLength is not sanity check, so attributeLength got a very large number will result in a heap overflow of memcpy(buffer, attrData->attr_data, attributeLength);

To reproduce, uncompress the attached image and run "fls 58"

1 Attachments

Discussion


Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.