libyal / libpff

Library and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format
GNU Lesser General Public License v3.0

AddressSanitizer: heap-buffer-overflow at libpff_table.c:8998 #60

Closed hongxuchen closed 6 years ago

hongxuchen commented 6 years ago

POC files: https://github.com/ntu-sec/pocs/blob/master/libpff-4938b7a/crashes/hbo_libpff_table.c%3A8998_1.input.txt https://github.com/ntu-sec/pocs/blob/master/libpff-4938b7a/crashes/hbo_libpff_table.c%3A8998_2.input.txt

ASan output: https://github.com/ntu-sec/pocs/blob/master/libpff-4938b7a/crashes/hbo_libpff_table.c%3A8998_1.err.SIG06 https://github.com/ntu-sec/pocs/blob/master/libpff-4938b7a/crashes/hbo_libpff_table.c%3A8998_2.err.SIG06

joachimmetz commented 6 years ago

Addressed in https://github.com/libyal/libpff/commit/aa2d19f1501db77b12b77589179a862f61543d5f

Cause OOB read
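The thread records only the symptom (an ASan heap-buffer-overflow READ at libpff_table.c:8998) and the fixing commit, not the record layout involved. As an added illustration of that bug class, and not libpff code or the layout at that line, the block below parses a small constructed table format (a count, an entry directory of offset/size pairs, then value bytes) in two ways: an unchecked reader that trusts the file-controlled offset and size, and a checked reader that validates every derived offset against the buffer length before the copy. The table layout, function names and sample bytes are all assumptions made for this example; the sample inputs are constructed here, not the PoC files from the issue.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical table layout (constructed for this example, not the PFF format):
 *   uint16_t entry_count                          (little-endian)
 *   entry_count x { uint16_t value_offset; uint16_t value_size; }
 *   value bytes, addressed by value_offset from the start of the table.
 */
#define ENTRY_SIZE 4

static uint16_t rd16(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Vulnerable variant: trusts the offset/size taken from the input. A crafted
 * entry makes memcpy read past the end of `table`; under -fsanitize=address
 * that is reported as a heap-buffer-overflow READ when `table` lives on the heap. */
int read_value_unchecked(const uint8_t *table, size_t table_size,
                         size_t index, uint8_t *out, size_t out_size)
{
    (void)table_size; /* never consulted: this is the defect */
    const uint8_t *entry = table + 2 + index * ENTRY_SIZE;
    uint16_t off = rd16(entry);
    uint16_t len = rd16(entry + 2);
    if (len > out_size) return -1;
    memcpy(out, table + off, len);
    return (int)len;
}

/* Hardened variant: every value derived from the input is checked against
 * table_size before it is used as an offset or length. Returns the number of
 * bytes copied, or -1 for any malformed table. */
int read_value_checked(const uint8_t *table, size_t table_size,
                       size_t index, uint8_t *out, size_t out_size)
{
    if (table == NULL || table_size < 2) return -1;
    uint16_t count = rd16(table);
    if (index >= count) return -1;
    /* the whole entry directory must fit inside the table */
    if ((size_t)count * ENTRY_SIZE > table_size - 2) return -1;
    const uint8_t *entry = table + 2 + index * ENTRY_SIZE;
    uint16_t off = rd16(entry);
    uint16_t len = rd16(entry + 2);
    /* off <= table_size and len <= table_size - off, written without overflow */
    if (off > table_size || len > table_size - off) return -1;
    if (len > out_size) return -1;
    memcpy(out, table + off, len);
    return (int)len;
}

/* Constructed sample inputs (assumptions for this example, not the PoCs). */
static const uint8_t VALID_TABLE[] = {
    0x01, 0x00,             /* entry_count = 1 */
    0x06, 0x00, 0x03, 0x00, /* entry 0: offset 6, size 3 */
    'a', 'b', 'c'           /* value bytes */
};
static const uint8_t BAD_TABLE[] = {
    0x01, 0x00,             /* entry_count = 1 */
    0x00, 0x01, 0x40, 0x00  /* entry 0: offset 256, size 64 -> past the end */
};

/* Returns 3 when the checked reader extracts "abc" from VALID_TABLE. */
int sample_valid_length(void)
{
    uint8_t out[16];
    int n = read_value_checked(VALID_TABLE, sizeof VALID_TABLE, 0, out, sizeof out);
    return (n == 3 && memcmp(out, "abc", 3) == 0) ? n : -1;
}

/* Returns -1: the checked reader rejects BAD_TABLE instead of reading past it. */
int sample_bad_result(void)
{
    uint8_t out[64];
    return read_value_checked(BAD_TABLE, sizeof BAD_TABLE, 0, out, sizeof out);
}

int main(void)
{
    printf("checked, valid table: %d\n", sample_valid_length());
    printf("checked, bad table:   %d\n", sample_bad_result());

    /* Build with: cc -g -fsanitize=address example.c && ./a.out
     * The unchecked reader on a heap copy of BAD_TABLE triggers the same
     * class of report as the issue: heap-buffer-overflow READ in memcpy. */
    uint8_t *heap_copy = malloc(sizeof BAD_TABLE);
    if (heap_copy == NULL) return 1;
    memcpy(heap_copy, BAD_TABLE, sizeof BAD_TABLE);
    uint8_t out[64];
    int n = read_value_unchecked(heap_copy, sizeof BAD_TABLE, 0, out, sizeof out);
    printf("unchecked, bad table: %d (only reached without ASan)\n", n);
    free(heap_copy);
    return 0;
}
```

The point of the checked variant is the order of the tests: `off > table_size` is rejected before `table_size - off` is computed, so the subtraction cannot wrap, and `len` is compared against the remaining span rather than against `off + len`, which could itself overflow on a wider integer type.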