When running lepton -unjailed $POC /tmp/test.jpg, it output the messages:
lepton v1.0-1.2.1-171-g3f6d98c
START ACHIEVED 1531794366 328204
src/lepton/jpgcoder.cc:4160:83: runtime error: signed integer overflow: -1509949439 * 2 cannot be represented in type 'int'
Assert Failed: false && "Data not properly zlib coded" at (src/lepton/jpgcoder.cc:4162)
When running lepton $POC /tmp/test.jpg, it crashes with message like:
lepton v1.0-1.2.1-171-g3f6d98c
=================================================================
[1] 97197 invalid system call ~/FOT/lepton/lepton ./hbo_inflate.c:1170_2.lep
We found with our fuzzer an interger overflow error inside
read_ujpgfrom jpgcoder.cc when feeding lepton 3f6d98c with a crafted lep file.POC: https://github.com/ntu-sec/pocs/blob/master/lepton-3f6d98c/crashes/iof_jpgcoder.cc:4160_1.lep?raw=true
When running
lepton -unjailed $POC /tmp/test.jpg, it output the messages:When running
lepton $POC /tmp/test.jpg, it crashes with message like: