Headline
CVE-2023-36274: [FUZZ] two bugs in dwg2dxf · Issue #677 · LibreDWG/libredwg
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
Comments
rurban changed the title [BUG] two bugs in dwg2dxf [FUZZ] two bugs in dwg2dxf
Mar 30, 2023
rurban added a commit that referenced this issue
Mar 30, 2023
Sanitize wrong auxheader_address or auxheader_size. Fixes part1 of GH #677
rurban added a commit that referenced this issue
Mar 30, 2023
1.: use unsigned length 2.: fix wrong size check for case 9, long len.
Fixes GH #677
rurban added a commit that referenced this issue
Mar 30, 2023
Sanitize wrong auxheader_address or auxheader_size. Fixes part1 of GH #677
rurban added a commit that referenced this issue
Mar 30, 2023
1.: use unsigned length 2.: fix wrong size check for case 9, long len.
Fixes GH #677
rurban added a commit that referenced this issue
Mar 30, 2023
Sanitize wrong auxheader_address or auxheader_size. Fixes part1 of GH #677
rurban added a commit that referenced this issue
Mar 30, 2023
1.: use unsigned length 2.: fix wrong size check for case 9, long len.
Fixes GH #677
rurban added a commit that referenced this issue
Mar 31, 2023