There is a vulnerability in abcm2ps in music.c, in the set_beams function, when parsing a malformed file.
PoC is attached.
Output:
id:000667,sig:11,src:010737+005331,time:2006285,op:splice,rep:16:29:40: error: Wrong duration in voice overlay
id:000667,sig:11,src:010737+005331,time:2006285,op:splice,rep:16:33:0: error: Bad character 'I'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==29027==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x000000572b49 bp 0x7ffcb8fe8c10 sp 0x7ffcb8fe7560 T0)
==29027==The signal is caused by a READ memory access.
==29027==Hint: address points to the zero page.
#0 0x572b49 in set_beams /home/arash/abcm2ps/music.c:3699:22
#1 0x572b49 in output_music /home/arash/abcm2ps/music.c:5091:3
#2 0x6b7a79 in generate /home/arash/abcm2ps/parse.c:1042:2
#3 0x645f70 in gen_ly /home/arash/abcm2ps/parse.c:1063:2
#4 0x645f70 in do_tune /home/arash/abcm2ps/parse.c:3643:2
#5 0x54a1da in abc_eof /home/arash/abcm2ps/abcparse.c:202:2
#6 0x54a1da in frontend /home/arash/abcm2ps/front.c:905:2
#7 0x33549c in treat_file /home/arash/abcm2ps/abcm2ps.c:240:2
#8 0x339393 in main /home/arash/abcm2ps/abcm2ps.c:1041:3
#9 0x7f15bf9f7bf6 in __libc_start_main /build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:310
#10 0x2868d9 in _start (/home/arash/abcm2ps/abcm2ps.laf.asan+0x2868d9)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/arash/abcm2ps/music.c:3699:22 in set_beams
==29027==ABORTING
poc2.zip
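The ASan summary above ("SEGV on unknown address 0x000000000038", "address points to the zero page", READ access) is the classic signature of a NULL struct pointer being dereferenced through a field that sits 0x38 bytes into the struct. The following C program is an added illustration of that triage rule and of the guarded access that prevents it; it is not abcm2ps code, and the `struct sym` layout, the function names and the 0x38 field placement are assumptions chosen only so the offset arithmetic matches the fault address in the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not abcm2ps code. A fault address below the first page
 * almost always means NULL plus a field offset; 0x38 in the report above
 * would be the offset of whatever field set_beams read through. */
#define ZERO_PAGE_SIZE 4096UL

/* Hypothetical layout: seven 8-byte fields place `next` at offset 56 == 0x38. */
struct sym {
    uint64_t f0, f1, f2, f3, f4, f5, f6;
    struct sym *next;      /* offset 0x38 */
    int beam_st;
};

/* Triage helper: returns the inferred field offset when the faulting address
 * lies in the zero page, or -1 when it does not (then it is not a plain NULL
 * dereference and needs a different explanation). */
long null_deref_offset(uintptr_t fault_addr) {
    if (fault_addr < ZERO_PAGE_SIZE)
        return (long)fault_addr;
    return -1;
}

/* Unchecked walk: reads NULL + 0x38 when s->next is NULL, which is exactly
 * the kind of read the sanitizer reported. Kept for contrast; not called. */
int unchecked_next_beam_st(const struct sym *s) {
    return s->next->beam_st;
}

/* Hardened form: validate the link before following it. Returns 0 and sets
 * *out on success, -1 when the link is missing. */
int checked_next_beam_st(const struct sym *s, int *out) {
    if (s == NULL || s->next == NULL)
        return -1;
    *out = s->next->beam_st;
    return 0;
}

/* Constructed scenario: a terminal node with no successor, the shape a
 * malformed tune could leave behind. Returns the checked call's status. */
int demo_missing_link(void) {
    struct sym last = {0};
    int v = 0;
    return checked_next_beam_st(&last, &v);
}

/* Constructed scenario: a two-node chain; returns the successor's beam_st. */
int demo_present_link(void) {
    struct sym second = {0};
    struct sym first = {0};
    int v = -1;
    second.beam_st = 7;
    first.next = &second;
    if (checked_next_beam_st(&first, &v) != 0)
        return -1;
    return v;
}

int main(void) {
    printf("offset of next: 0x%zx\n", offsetof(struct sym, next));
    printf("fault 0x38 -> field offset %ld\n", null_deref_offset(0x38));
    printf("checked access, missing link: %d\n", demo_missing_link());
    printf("checked access, present link: %d\n", demo_present_link());
    return 0;
}
```

Reading a crash this way turns the raw address into a concrete question for the fix: which field of the symbol being walked at music.c:3699 lives at offset 0x38, and which parse path leaves that pointer NULL for a malformed input. The guarded accessor shows the shape of the defensive check; the real fix belongs where the parser builds the structure, so that the missing link is rejected with an error rather than discovered by the layout code.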