There is a heap overflow in hcom.c:161, in function startread. With a crafted hcom file, the vuln is exploitable. Trigger command:
./src/.libs/sox bug2 -n noiseprof /dev/null
In AddressSanitizer:
In gdb:
The crafted file is attached.
$ sox ~/Downloads/sox-zero.hcom -n noiseprof /dev/null
sox FAIL formats: can't open input file `/Users/hans/Downloads/sox-zero.hcom': premature EOF