-
Notifications
You must be signed in to change notification settings - Fork 616
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SEGV exrheader in ImfMultiPartInputFile.cpp:579 #491
Labels
Bug
A bug in the source code
Comments
peterhillman
added a commit
to peterhillman/openexr
that referenced
this issue
Jul 25, 2019
kdt3rd
added a commit
to kdt3rd/openexr
that referenced
this issue
Jul 25, 2019
… reconstructing chunk offset table The chunk offset was incorrectly testing for a part number that was the same size (i.e. an invalid index) Signed-off-by: Kimball Thurston <kdt3rd@gmail.com>
CVE-2020-16587 seems to have been assigned for this issue. |
Please, communicate with NVD (https://nvd.nist.gov/info) and update the applicable version. As I understand it was fixed in 2.4.0. |
DominicJacksonBFX
pushed a commit
to boris-fx/mocha-openexr
that referenced
this issue
Jun 22, 2022
… reconstructing chunk offset table The chunk offset was incorrectly testing for a part number that was the same size (i.e. an invalid index) Signed-off-by: Kimball Thurston <kdt3rd@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I found a crash due to a heap buffer overflow bug on exrheader (the latest commit
9410823
on master).PoC: https://github.com/strongcourage/PoCs/blob/master/openexr_9410823/PoC_hbo_chunkOffsetReconstruction
Command: exrheader $PoC
ASAN says:
Thanks,
Manh Dung
The text was updated successfully, but these errors were encountered: