Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 18 Sep 2016 20:41:43 +0800
From: <>
Subject: CVE request - openjpeg null ptr dereference

# Vulnerability
openjpeg null ptr dereference in convert.c:1331

# Version
2.1.1  ( )

# Address Sanitizer Output
==7358==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000 (pc
0x0815d204 bp 0xff846938 sp 0xff846380 T0)
    #0 0x815d203 in skip_white
    #1 0x8135d81 in main
    #2 0xf7343636 in __libc_start_main ??:?
    #3 0x807a31b in _start ??:?

# PoC
See poc.ppm

# Analysis
In convert.c:1483 and convert.c:1485, variable s is uncheck after
skip_int is called.
A null ptr will be passed to skip_int again and will cause a null ptr

# Report Timeline
2016-09-16: FB3F15 of STARLAB discovered this issue
2016-09-18:Patch released

# Credit

# PoC

# External link

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.