CVE-2019-16348: NULL Pointer Dereference in gain_file() at wav_gain.c:33 · Issue #24 · marc-q/libwav

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

Marsman1996 opened this issue

Aug 15, 2019

· 0 comments

Comments

Tested in Ubuntu 14.04, 64bit, libwav (master 5cc8746)

Triggered by
$ ./wav_gain $POC /dev/null

POC file:
https://github.com/Marsman1996/pocs/blob/master/libwav/poc18-gain_file-SEGV

ASAN info:

ASAN:SIGSEGV
=================================================================
==21704== ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7faf08a8ce02 sp 0x7ffc93c70b50 bp 0xac4400020001 T0)
AddressSanitizer can not provide additional info.
    #0 0x7faf08a8ce01 (/usr/lib/x86_64-linux-gnu/libasan.so.0+0x7e01)
    #1 0x7faf08a9a367 (/usr/lib/x86_64-linux-gnu/libasan.so.0+0x15367)
    #2 0x400d80 in gain_file /home/aota10/MARS_fuzzcompare/test/wav_gain/build_asan/wav_gain.c:33
    #3 0x400d80 in main /home/aota10/MARS_fuzzcompare/test/wav_gain/build_asan/wav_gain.c:43
    #4 0x7faf086ddf44 (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #5 0x400e24 in _start (/home/aota10/MARS_fuzzcompare/test/wav_gain/bin_asan/bin/wav_gain+0x400e24)
SUMMARY: AddressSanitizer: SEGV ??:0 ??
==21704== ABORTING

Marsman1996 changed the title NULL Pointer Dereference in gain_file at wav_gain.c:33 NULL Pointer Dereference in gain_file() at wav_gain.c:33

Aug 15, 2019

1 participant