test
test
test
You can refer to this bug using CVE-2019-15540 in the next release changelog.
Ok ty for the quick fix. When you think is appropriate, could you make this ticket public? I've requested a CVE cause I found the bug using my fuzzer and I'm going to submit a paper about such fuzzer in a security conference. The motivation of the CVE request is simply that reviewers like a list of CVE (yes this is not so academic but I don't decide the rules). If you have never used a fuzzer and you want to automatically finds similar bugs in the future I can share with you my fuzzing setup for...
Ok ty for the quick fix. When you think it appropriate, could you make this ticket public? I've requested a CVE cause I found the bug using my fuzzer and I'm going to submit a paper about such fuzzer in a security conference. The motivation of the CVE request is simply that reviewers like a list of CVE (yes this is not so academic but I don't decide the rules). If you have never used a fuzzer and you want to automatically finds similar bugs in the future I can share with you my fuzzing setup for...
If you need further details (the patch is quite naive) don't esitate to ask.
Critical vulnerability in the CSO filter
Well formatted patch (SourceForge interpreted the patch as hypertext in the issue text): --- parser_old.c 2019-08-23 20:28:29.036521000 +0200 +++ parser.c 2019-08-23 20:34:24.236933435 +0200 @@ -988,6 +988,14 @@ is a MTYP block provided */ mirage_disc_set_medium_type(self->priv->disc, MIRAGE_MEDIUM_CD); + /* Length integrity check */ + if (self->priv->nrg_data_length == 0) { + MIRAGE_DEBUG(self, MIRAGE_DEBUG_WARNING, "%s: rg_data_length must be greater than 0!\n", __debug__); + g_set_error(error,...
Well formatted patch (SourceForge interpreted the pacth as hypertext in the issue text): --- parser_old.c 2019-08-23 20:28:29.036521000 +0200 +++ parser.c 2019-08-23 20:34:24.236933435 +0200 @@ -988,6 +988,14 @@ is a MTYP block provided */ mirage_disc_set_medium_type(self->priv->disc, MIRAGE_MEDIUM_CD); + /* Length integrity check */ + if (self->priv->nrg_data_length == 0) { + MIRAGE_DEBUG(self, MIRAGE_DEBUG_WARNING, "%s: rg_data_length must be greater than 0!\n", __debug__); + g_set_error(error,...
Null Pointer Dereference in libmirage 3.2.2
Initial commit
Initial commit