oss-sec mailing list archives

Re: potrace: invalid memory access in findnext (decompose.c)

From: Johannes Segitz <jsegitz () suse com>
Date: Mon, 17 Oct 2016 10:58:07 +0200

On Sat, Oct 08, 2016 at 10:29:54PM +0200, Agostino Sarubbo wrote:

A crafted image revealed, through a fuzz testing, the presence of a invalid 
memory access.


Thanks for the report. Can you please post the reproducer?

Johannes
-- 
GPG Key E7C81FA0       EE16 6BCE AD56 E034 BFB3  3ADD 7BF7 29D5 E7C8 1FA0
Subkey fingerprint:    250F 43F5 F7CE 6F1E 9C59  4F95 BC27 DD9D 2CC4 FD66
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)

Attachment: signature.asc
Description: Digital signature

Current thread:

potrace: invalid memory access in findnext (decompose.c) Agostino Sarubbo (Oct 08)
- Re: potrace: invalid memory access in findnext (decompose.c) cve-assign (Oct 15)
- Re: potrace: invalid memory access in findnext (decompose.c) Johannes Segitz (Oct 17)
  - Re: potrace: invalid memory access in findnext (decompose.c) Agostino Sarubbo (Oct 17)