oss-sec mailing list archives
Re: Re: Fuzzing jasper
From: Agostino Sarubbo <ago () gentoo org>
Date: Mon, 17 Oct 2016 09:30:49 +0200
On Monday 17 October 2016 01:02:45 Hanno Böck wrote:
I tested the code again with afl (after the fixes for the stuff Agostino reported) and it immediately found multiple issues:
Great job. I also was waiting for the next release to re-fuzz
https://github.com/mdadams/jasper/issues/31 double free on jpeg parsing
This is a duplicate of the double-free I reported, but upstream said that he can't reproduce. -- Agostino
Current thread:
- Re: Fuzzing jasper cve-assign (Oct 15)
- Re: Re: Fuzzing jasper Graham Christensen (Oct 16)
- Re: Re: Fuzzing jasper Agostino Sarubbo (Oct 16)
- Re: Re: Fuzzing jasper Hanno Böck (Oct 16)
- Re: Re: Fuzzing jasper Agostino Sarubbo (Oct 17)
- Re: Fuzzing jasper cve-assign (Oct 22)
- Re: Fuzzing jasper cve-assign (Oct 23)
- <Possible follow-ups>
- Re: Fuzzing jasper Agostino Sarubbo (Oct 16)
- Re: Re: Fuzzing jasper Graham Christensen (Oct 16)