CVE-2022-37769: Segmentation fault in HuffmanDecoder::Get · Issue #78 · thorfdbg/libjpeg
libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.
Hi, there.
There is a segmentation fault in the newest master branch.
```
Program received signal SIGSEGV, Segmentation fault.
HuffmanDecoder::Get (this=0x0, io=0x7933c8)
    at /home/users/chluo/libjpeg/codestream/../coding/huffmandecoder.hpp:112
warning: Source file is more recent than executable.
(gdb) bt
#0 HuffmanDecoder::Get (this=0x0, io=0x7933c8)
    at /home/users/chluo/libjpeg/codestream/../coding/huffmandecoder.hpp:112
#1 0x0000000000491388 in LosslessScan::ParseMCU (this=0x793250, prev=0x7fffffffda90,
    top=0x7fffffffda70) at losslessscan.cpp:374
#2 0x0000000000491b4a in LosslessScan::ParseMCU (this=0x793250)
    at losslessscan.cpp:440
#3 0x000000000043aca1 in JPEG::ReadInternal (this=0x7904c8, tags=0x7fffffffdd40)
    at jpeg.cpp:345
#4 0x000000000043988b in JPEG::Read (this=0x7904c8, tags=0x7fffffffdd40)
    at jpeg.cpp:210
#5 0x000000000041cabb in Reconstruct (infile=<optimized out>,
    outfile=0x7fffffffe6fc "/dev/null", colortrafo=1, alpha=0x0, upsample=true)
    at reconstruct.cpp:121
#6 0x0000000000408b6a in main (argc=<optimized out>, argv=0x0) at main.cpp:747
```
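A triage sketch for the backtrace above, added here as an example and not part of the original issue or of libjpeg: it parses gdb `bt` output, rejoins wrapped frame lines, and flags a crash whose faulting frame is a member function entered with `this=0x0`, which is what frame #0 shows. The names `parse_frames`, `triage` and `SAMPLE_BT` are assumptions of this example.

```python
import re

# Frames #0-#3 copied from the report above, wrapped as gdb printed them.
SAMPLE_BT = """\
#0 HuffmanDecoder::Get (this=0x0, io=0x7933c8)
at /home/users/chluo/libjpeg/codestream/../coding/huffmandecoder.hpp:112
#1 0x0000000000491388 in LosslessScan::ParseMCU (this=0x793250, prev=0x7fffffffda90,
top=0x7fffffffda70) at losslessscan.cpp:374
#2 0x0000000000491b4a in LosslessScan::ParseMCU (this=0x793250)
at losslessscan.cpp:440
#3 0x000000000043aca1 in JPEG::ReadInternal (this=0x7904c8, tags=0x7fffffffdd40)
at jpeg.cpp:345
"""

FRAME_RE = re.compile(
    r"#(?P<num>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>[\w:~<>]+) "
    r"\((?P<args>.*)\)\s+at (?P<file>\S+):(?P<line>\d+)$"
)

def parse_frames(bt_text):
    """Rejoin wrapped gdb frame lines and return one dict per frame."""
    joined = []
    for raw in bt_text.splitlines():
        line = raw.strip()
        if line.startswith("#"):
            joined.append(line)
        elif line and joined:
            joined[-1] += " " + line  # continuation of the previous frame
    frames = []
    for text in joined:
        m = FRAME_RE.match(text)
        if not m:
            continue  # not a complete frame with source location
        args = dict(a.split("=", 1) for a in re.split(r",\s*", m["args"]) if "=" in a)
        frames.append({"num": int(m["num"]), "func": m["func"], "args": args,
                       "file": m["file"].rsplit("/", 1)[-1], "line": int(m["line"])})
    return frames

def triage(frames):
    """Return a finding if the faulting frame is a member call on a null object."""
    if not frames or frames[0]["args"].get("this") != "0x0":
        return None
    top = frames[0]
    caller = frames[1] if len(frames) > 1 else None
    return {"kind": "null-this-dereference", "callee": top["func"],
            "crash_site": f'{top["file"]}:{top["line"]}',
            "caller": caller and f'{caller["func"]} at {caller["file"]}:{caller["line"]}'}
```

The caller reported by `triage` is the frame that invoked the method through the null pointer, so it is the place to look for the missing validation.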