libming:memory leak in parseSWF_SHAPEWITHSTYLE
Description
Ming is a library for generating Macromedia Flash files (.swf), written in C, and for working includes useful utilities king with .swf files.
A memory leak vulnerability was found in function parseSWF_SHAPEWITHSTYLE in parser.c, which allows attackers to cause a denial of service via a crafted file.
#listswf $FILE Direct leak of 576 byte(s) in 1 object(s) allocated from: #0 0x4e004d in realloc /home/haojun/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:79 #1 0x5bf458 in parseSWF_SHAPEWITHSTYLE /home/haojun/Downloads/libming-master/util/parser.c:882:49 #2 0x5d7315 in parseSWF_DEFINESHAPE3 /home/haojun/Downloads/libming-master/util/parser.c:2259:3 Direct leak of 410 byte(s) in 1 object(s) allocated from: #0 0x4e004d in realloc /home/haojun/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:79 #1 0x543350 in cws2fws /home/haojun/Downloads/libming-master/util/main.c:111:15 #2 0x5444c6 in readMovieHeader /home/haojun/Downloads/libming-master/util/main.c:198:18 #3 0x5444c6 in main /home/haojun/Downloads/libming-master/util/main.c:346 #4 0x7f8b1e9e3b34 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/../csu/libc-start.c:274 ...... 3020 byte(s) leaked in 12 allocation(s).
Affected version: latest version
Fixed version:N/A
Commit fix:N/A
Credit: ADLab of Venustech.
CVE:N/A
Reproducer:
Timeline:
2017-06-07:bug discovered and reported to the libming GitHub issue page
2017-07-24:blog post about the issue
Permalink:
https://somevulnsofadlab.blogspot.com/2017/07/libmingmemory-leak-in.html
https://somevulnsofadlab.blogspot.com/2017/07/libmingmemory-leak-in.html
评论
发表评论