Date: Fri, 29 Jul 2016 09:31:04 +0200 From: Agostino Sarubbo <ago@...too.org> To: cve-assign@...re.org Cc: oss-security@...ts.openwall.com Subject: Re: Re: paps: heap overflow when processing crafted file On Thursday 28 July 2016 17:01:38 cve-assign@...re.org wrote: > Also, the patch is apparently only about handling empty files, The bug comes from the fuzzer, which did not pass an empty file. Later, I discovered that an empty file has the same behaviour of the crafted. In other words: - The same crash happen for the empty and crafted file. - The patch covers both cases (when the file is empty and when contains random data). -- Agostino Sarubbo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.