From: Hanno B. <ha...@hb...> - 2016-12-20 14:18:24
Hi,
Attached file will cause a buffer overread that can be detected with
address sanitizer. Found with afl.
ASAN stack trace:
==27842==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f13e2fff800 at pc 0x00000051195a bp 0x7ffdac9d9330 sp 0x7ffdac9d9328
READ of size 4 at 0x7f13e2fff800 thread T0
#0 0x511959 in unreorder_channels /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:2142:27
#1 0x511959 in unpack_dsd_audio /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1715
#2 0x511959 in unpack_file /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1292
#3 0x5051d8 in main /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:769:22
#4 0x7f13e5a98690 in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.23-r3/work/glibc-2.23/csu/../csu/libc-start.c:289
#5 0x4198f8 in _start (/mnt/ram/wavpack-5.0.0/cli/wvunpack+0x4198f8)
0x7f13e2fff800 is located 0 bytes to the right of 4177920-byte region [0x7f13e2c03800,0x7f13e2fff800)
allocated by thread T0 here:
#0 0x4c9d68 in __interceptor_malloc (/mnt/ram/wavpack-5.0.0/cli/wvunpack+0x4c9d68)
#1 0x50bdae in unpack_dsd_audio /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1703:19
#2 0x50bdae in unpack_file /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1292
#3 0x5051d8 in main /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:769:22
#4 0x7f13e5a98690 in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.23-r3/work/glibc-2.23/csu/../csu/libc-start.c:289
--
Hanno Böck
https://hboeck.de/
mail/jabber: ha...@hb...
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42