From: Hanno B. <ha...@hb...> - 2016-12-20 14:18:24
Hi,

Attached file will cause a buffer overread that can be detected with
address sanitizer. Found with afl.

ASAN stack trace:

==27842==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f13e2fff800 at pc 0x00000051195a bp 0x7ffdac9d9330 sp 0x7ffdac9d9328
READ of size 4 at 0x7f13e2fff800 thread T0
    #0 0x511959 in unreorder_channels /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:2142:27
    #1 0x511959 in unpack_dsd_audio /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1715
    #2 0x511959 in unpack_file /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1292
    #3 0x5051d8 in main /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:769:22
    #4 0x7f13e5a98690 in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.23-r3/work/glibc-2.23/csu/../csu/libc-start.c:289
    #5 0x4198f8 in _start (/mnt/ram/wavpack-5.0.0/cli/wvunpack+0x4198f8)

0x7f13e2fff800 is located 0 bytes to the right of 4177920-byte region [0x7f13e2c03800,0x7f13e2fff800)
allocated by thread T0 here:
    #0 0x4c9d68 in __interceptor_malloc (/mnt/ram/wavpack-5.0.0/cli/wvunpack+0x4c9d68)
    #1 0x50bdae in unpack_dsd_audio /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1703:19
    #2 0x50bdae in unpack_file /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:1292
    #3 0x5051d8 in main /mnt/ram/wavpack-5.0.0/cli/wvunpack.c:769:22
    #4 0x7f13e5a98690 in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.23-r3/work/glibc-2.23/csu/../csu/libc-start.c:289

--
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hb...
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42