Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 26 Jan 2016 22:31:42 +0800 (CST)
From: xiaoqixue_1  <>
Subject: a bug in gif2rgb.c in giflib-5.1.2

We find a memory allocation whose size could be zero in gif2rgb.c. 
and It will result to several memory out of bound read and write. the bug in gif2rgb.c:386 :

386 if ((ScreenBuffer = (GifRowType *) 
387 malloc(GifFile->SHeight * sizeof(GifRowType))) == NULL) 
388 GIF_EXIT("Failed to allocate memory required, aborted.");

Please see "" for more details.

the bug was found by Qixue Xiao at Tsinghua University.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ