Bug 694893 - Valgrind issues found by fuzzing in opj_v4dwt_interleave_h (dwt.c:635)
Status: RESOLVED FIXED
Alias: None
Product: MuPDF
Classification: Unclassified
Component: fuzzing
Version: master
Hardware: PC Linux
Importance: P4 normal
Assignee: MuPDF bugs
Reported: 2014-01-08 21:51 UTC by Marcos H. Woehrmann
Modified: 2014-01-20 06:51 UTC

Attachments
log.txt (289.19 KB, text/plain)
2014-01-08 21:51 UTC, Marcos H. Woehrmann

Description Marcos H. Woehrmann 2014-01-08 21:51:20 UTC
Created attachment 10533
log.txt

Valgrind issues in the 64-bit build of mupdf were found by fuzzing in opj_v4dwt_interleave_h (dwt.c:635) while reading these files. See the attached log.txt for details.

4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.pgmraw.200.0
4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.pgmraw.200.1
4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.pgmraw.72.0
4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.ppmraw.200.0
4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.ppmraw.200.1
4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.ppmraw.72.0
Comment 2 Robin Watts 2014-01-20 06:51:11 UTC
Fixed by:

commit e48b28074876f5ff65c1d90595cbdcf57bef9e6f
Author: Simon Bünzli <zeniko@gmail.com>
Date:   Wed Jan 15 02:00:12 2014 +0100

    Bug 694893: prevent overflow in opj_int_ceildivpow2

    This can be seen e.g. in:

    4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf

    Thanks to Mateusz Jurczyk and Gynvael Coldwind of the Google Security
    Team for providing the example files.
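
The overflow class named in the commit title, as an added example that is not code from MuPDF, OpenJPEG or the commit itself. It assumes the common ceiling-division idiom `(a + (1 << b) - 1) >> b`, which this page does not show; all function names and inputs are hypothetical, and the widened variant is one way to avoid the wrap, not necessarily the committed fix.

```c
#include <stdint.h>
#include <stdio.h>

/* Floor of v / 2^b without right-shifting a negative value. */
static int64_t floor_shift(int64_t v, int b) {
    if (v >= 0) return v >> b;
    return -(((-v) + (((int64_t)1 << b) - 1)) >> b);
}

/* Emulates the assumed 32-bit idiom (a + (1 << b) - 1) >> b with
 * two's-complement wraparound. The sum is done in uint32_t so this
 * demonstration has no undefined behaviour. Requires 0 <= b <= 30. */
static int32_t ceildivpow2_wrapped(int32_t a, int b) {
    uint32_t sum = (uint32_t)a + ((uint32_t)1 << b) - 1u;
    int64_t as_signed = sum >= 0x80000000u ? (int64_t)sum - 4294967296LL
                                           : (int64_t)sum;
    return (int32_t)floor_shift(as_signed, b);
}

/* Widened form: the intermediate sum is computed in 64 bits. */
static int32_t ceildivpow2_wide(int32_t a, int b) {
    return (int32_t)floor_shift((int64_t)a + ((int64_t)1 << b) - 1, b);
}

/* Pre-check for callers: 1 if the 32-bit sum a + 2^b - 1 would overflow. */
static int ceildivpow2_would_overflow(int32_t a, int b) {
    return a > INT32_MAX - (int32_t)(((int64_t)1 << b) - 1);
}

int main(void) {
    /* Constructed inputs: the kind of near-INT32_MAX coordinate an
     * untrusted image header can supply, plus one ordinary value. */
    const struct { int32_t a; int b; } cases[] = {
        { 100, 3 }, { 2147483632, 4 }, { 2147483633, 4 }, { INT32_MAX, 1 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int32_t a = cases[i].a;
        int b = cases[i].b;
        printf("a=%d b=%d overflow=%d wrapped=%d wide=%d\n", (int)a, b,
               ceildivpow2_would_overflow(a, b),
               (int)ceildivpow2_wrapped(a, b), (int)ceildivpow2_wide(a, b));
    }
    return 0;
}
```

For the last two inputs the wrapped form returns a negative value where a caller would expect a non-negative size, while the widened form returns the correct ceiling.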