| Summary: | Valgrind issues found by fuzzing in opj_v4dwt_interleave_h (dwt.c:635) | ||
|---|---|---|---|
| Product: | MuPDF | Reporter: | Marcos H. Woehrmann <marcos.woehrmann> |
| Component: | fuzzing | Assignee: | MuPDF bugs <mupdf-bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | robin.watts, zeniko |
| Priority: | P4 | ||
| Version: | master | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Customer: | Word Size: | --- | |
| Attachments: | log.txt | ||
Proposed fix: http://git.ghostscript.com/?p=user/zeniko/ghostpdl.git;a=commitdiff;h=ea6e58fa7bf818b917b22c2b2652fcb9b684a925 Fixed by: commit e48b28074876f5ff65c1d90595cbdcf57bef9e6f Author: Simon Bünzli <zeniko@gmail.com> Date: Wed Jan 15 02:00:12 2014 +0100 Bug 694893: prevent overflow in opj_int_ceildivpow2 This can be seen e.g. in: 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf Thanks to Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for providing the example files. |
Created attachment 10533 [details] log.txt Valgrind issues in the 64 bit build of mupdf were found by fuzzing in opj_v4dwt_interleave_h (dwt.c:635) while reading these files. See the attached log.txt for details. 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.pgmraw.200.0 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.pgmraw.200.1 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.pgmraw.72.0 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.ppmraw.200.0 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.ppmraw.200.1 4241ac039aba57e6a9c948d519d94216_asan_heap-oob_14650f2_7469_602.pdf.ppmraw.72.0