CVE-2019-13114: null pointer dereference in http.cpp · Issue #793 · Exiv2/exiv2

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
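
The failure mode in the description, shown as an added example that is not Exiv2's code: a status-line parser that assumes the server's response contains a space, next to a version that rejects malformed lines. The function names and sample responses are constructed for illustration.

```cpp
#include <cstdio>
#include <cstdlib>
#include <cstring>

// Unsafe pattern (constructed): assumes the status line always contains a
// space, so the result of strchr() is used without a NULL check.
int statusCodeUnchecked(const char* response) {
    const char* firstSpace = std::strchr(response, ' ');
    return std::atoi(firstSpace + 1);  // invalid read when no space exists
}

// Hardened form: every server-controlled assumption is checked.
// Returns the 3-digit status code, or -1 if the status line is malformed.
int statusCodeChecked(const char* response) {
    if (response == nullptr) return -1;
    if (std::strncmp(response, "HTTP/", 5) != 0) return -1;
    const char* eol = std::strpbrk(response, "\r\n");
    const char* sp = std::strchr(response, ' ');
    if (sp == nullptr) return -1;               // the CVE case: no space at all
    if (eol != nullptr && sp > eol) return -1;  // space only in a later line
    const char* p = sp + 1;
    int code = 0;
    for (int i = 0; i < 3; ++i) {               // stops at NUL, never past it
        if (p[i] < '0' || p[i] > '9') return -1;
        code = code * 10 + (p[i] - '0');
    }
    // The code must end at a separator, not run into more digits or text.
    if (p[3] != ' ' && p[3] != '\r' && p[3] != '\n' && p[3] != '\0') return -1;
    return code;
}

int main() {
    // Constructed sample responses: one valid, two malformed.
    const char* samples[] = {
        "HTTP/1.1 200 OK\r\n\r\n",
        "HTTP/1.1\r\n\r\n",
        "HTTP/1.1\r\nX-Pad: 200 x\r\n\r\n",
    };
    for (const char* s : samples) std::printf("%d\n", statusCodeChecked(s));
    return 0;
}
```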


@kevinbackhouse Thanks for reporting this and the other vulnerabilities you’ve found in the png and webp code.

Are you willing to work with Team Exiv2 to fix some of this stuff? Let me explain our situation:

We’re a small group of volunteers (6 regulars). We are currently refactoring a lot of the code in C++11 for v0.28 and hope to complete that work in 2020. When that’s in progress, we’ll have quarterly “dot” releases of v0.27 with security and important bug fixes.

The guys doing the refactoring have to “break out” from their project to deal with those security fixes and they have to be implemented for both v0.27 and v0.28.

Many of those security issues are small changes to the code (testing for integer overflow or testing null-pointers). If you’d be willing to get involved with the project and report both the fix and the issue, life would be less stressful for us.

Perhaps you could share your thoughts with us. You’ve reported 4 issues today. Is this the first of 40, or the last of 4?

Please understand that we appreciate you taking the time to find and report issues. However please understand that we are a small team and you can overwhelm us with your enthusiasm!

Team Exiv2 use “Slack” to talk to each other directly. If you send me your email address, I will invite you to join us. My email is [email protected]
