-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
opj_decompress opj_j2k_update_image_data() Segment falut #948
Labels
Comments
@lcatro , See #882: opj_decompress -i id_000000,sig_11,src_000001,op_flip1,pos_45.j2k -o test.png [INFO] Start to read j2k main header (0). winfried |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Crash File : https://raw.githubusercontent.com/sixtant/Fuzzing-Project/master/openjpeg/id_000000%2Csig_11%2Csrc_000001%2Cop_flip1%2Cpos_45.j2k Fuzzing by AFL
use valgrind for detect crash :
libfuzzer@libfuzzer-virtual-machine:~/fuzzing/openjpeg/bin$ valgrind ./opj_decompress -i fuzzing_decompress/crashes/id:000000,sig:11,src:000001,op:flip1,pos:45.j2k -o fuzzing_decompress/output.png
==23918== Memcheck, a memory error detector
==23918== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==23918== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==23918== Command: ./opj_decompress -i fuzzing_decompress/crashes/id:000000,sig:11,src:000001,op:flip1,pos:45.j2k -o fuzzing_decompress/output.png
==23918==
[INFO] Start to read j2k main header (0).
[INFO] Main header has been correctly decoded.
[INFO] No decoded area parameters, set the decoded area to the whole image
[INFO] Header of tile 1 / 1 has been read.
[INFO] Tile 1/1 has been decoded.
==23918==
==23918== Process terminating with default action of signal 11 (SIGSEGV)
==23918== General Protection Fault
==23918== at 0x4E9466C: opj_j2k_update_image_data.isra.14 (j2k.c:8948)
==23918== by 0x4EBDA5A: opj_j2k_decode_tiles (j2k.c:10354)
==23918== by 0x4E87CDD: opj_j2k_exec (j2k.c:7822)
==23918== by 0x4EC4CD2: opj_j2k_decode (j2k.c:10563)
==23918== by 0x40410D: main (opj_decompress.c:1435)
==23918==
==23918== HEAP SUMMARY:
==23918== in use at exit: 1,822,172 bytes in 454 blocks
==23918== total heap usage: 563 allocs, 109 frees, 1,846,807 bytes allocated
==23918==
==23918== LEAK SUMMARY:
==23918== definitely lost: 0 bytes in 0 blocks
==23918== indirectly lost: 0 bytes in 0 blocks
==23918== possibly lost: 0 bytes in 0 blocks
==23918== still reachable: 1,822,172 bytes in 454 blocks
==23918== suppressed: 0 bytes in 0 blocks
==23918== Rerun with --leak-check=full to see details of leaked memory
==23918==
==23918== For counts of detected and suppressed errors, rerun with: -v
==23918== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Segment falut
Credit : Sixtant Security Lab
The text was updated successfully, but these errors were encountered: