Closed gutiniao closed 4 years ago
No need to report fuzzing issues since matio is on OSS-Fuzz with still about 40 open issues.
Instead of v1.5.17, please rerun the test against current master and reopen if the issue is still reproducible.
Yes, I just used 'git clone' to fetch the current master of matio; the issue is still reproducible.
I'm sure the issue is different from the fuzzing issues on OSS-Fuzz.
I can confirm that the number of allocated bytes is high, but I cannot confirm the crash.
CVE-2019-20019 has been assigned for this issue.
A crafted input will lead to a crash in mat5.c in matio 1.5.17. Triggered by: ./matdump POC
PoC: 004Mat_VarRead53574
The ASAN information is as follows:
about code (3574)