Closed SuhwanSong closed 4 years ago
CVE-2019-20140 has been assigned for this issue.
Verified in 686d234ae20f97b9d816d4147ba3f4b90dbae72e
Minimized sample: SHA1: 85389ae464df327f18f0bd00fe977aac6ff56025
Has this issue been fixed in https://github.com/saitoha/libsixel/commit/598c8c88c97fd2eb5f6f5d1324fc325e66317f0c ?
Verified in 686d234
Fixed on v1.8.5. Thanks!
version : img2sixel 1.8.4 OS : Ubuntu 18.04 configured with: libcurl: yes libpng: yes libjpeg: yes gdk-pixbuf2: no GD: no
There is a heap-buffer-overflow in gif_out_code at fromgif.c:278 please run following cmd to reproduce it.
poc ASAN LOG