Heap-based Buffer Overflow in hoene/libmysofa
Valid
Reported on Oct 18th 2021
Description
System: Ubuntu 20.04
Build commands (ASan-instrumented build):
cd libmysofa
mkdir build
cd build
CC=clang CXX=clang++ CFLAGS="-fsanitize=address -g" CXXFLAGS="-fsanitize=address -g" cmake ../
make all
Proof of Concept
https://drive.google.com/file/d/1JbQAECc_j5-SDRZVUsRWiaBgJQZ0nMiK/view?usp=sharing
Reproduce with:
./mysofa2json -c ./libmysofa_loudness
ASan report:
==1987809==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fd5e74bc000 at pc 0x0000004f1efa bp 0x7fffe97e30b0 sp 0x7fffe97e30a8
READ of size 4 at 0x7fd5e74bc000 thread T0
#0 0x4f1ef9 in mysofa_loudness /home/fuzz/libmysofa/src/hrtf/loudness.c:32:12
#1 0x4e17af in mysofa_open_default /home/fuzz/libmysofa/src/hrtf/easy.c:62:5
#2 0x4c7395 in main /home/fuzz/libmysofa/src/tests/sofa2json.c:104:13
#3 0x7fd5ea2530b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
#4 0x41d48d in _start (/home/fuzz/libmysofa/mysofa2json+0x41d48d)
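An added crash-triage helper (not part of this report or of libmysofa) that parses the ASan output quoted above into its bug class, access kind and size and the frames inside the project tree, so reports from a fuzzing run can be grouped by root-cause location rather than by raw address. The only inputs it assumes are the report text and the project path fragment `/libmysofa/`.

```python
import os
import re
from dataclasses import dataclass, field

# The ASan report quoted in this bug report, embedded so the parser runs offline.
ASAN_REPORT = """\
==1987809==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fd5e74bc000 at pc 0x0000004f1efa bp 0x7fffe97e30b0 sp 0x7fffe97e30a8
READ of size 4 at 0x7fd5e74bc000 thread T0
    #0 0x4f1ef9 in mysofa_loudness /home/fuzz/libmysofa/src/hrtf/loudness.c:32:12
    #1 0x4e17af in mysofa_open_default /home/fuzz/libmysofa/src/hrtf/easy.c:62:5
    #2 0x4c7395 in main /home/fuzz/libmysofa/src/tests/sofa2json.c:104:13
    #3 0x7fd5ea2530b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #4 0x41d48d in _start (/home/fuzz/libmysofa/mysofa2json+0x41d48d)
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (\S+) on address (0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"^\s*(READ|WRITE) of size (\d+)", re.M)
# Only frames with source info; frames like `_start (binary+offset)` have no file:line and are skipped.
FRAME_RE = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)(?::\d+)?\s*$", re.M)

@dataclass
class Triage:
    bug_class: str          # e.g. "heap-buffer-overflow"
    address: str            # faulting address as printed by ASan
    access: str             # "READ" or "WRITE"
    size: int               # bytes accessed out of bounds
    frames: list = field(default_factory=list)   # (function, path, line), innermost first

    def project_frames(self, project_dir):
        """Frames whose source path lies inside the project tree (drops libc/runtime frames)."""
        return [f for f in self.frames if project_dir in f[1]]

    def dedup_key(self, project_dir, depth=3):
        """Stable key for grouping crashes: bug class, access kind and the top project frames."""
        top = self.project_frames(project_dir)[:depth]
        return (self.bug_class, self.access) + tuple(
            f"{func}:{os.path.basename(path)}:{line}" for func, path, line in top)

def parse_asan(report):
    """Parse one AddressSanitizer report into a Triage record; ValueError if it is not one."""
    err = ERROR_RE.search(report)
    if not err:
        raise ValueError("no AddressSanitizer error line found")
    access = ACCESS_RE.search(report)
    kind, size = (access.group(1), int(access.group(2))) if access else ("UNKNOWN", 0)
    frames = [(m.group(1), m.group(2), int(m.group(3))) for m in FRAME_RE.finditer(report)]
    return Triage(err.group(1), err.group(2), kind, size, frames)

if __name__ == "__main__":
    t = parse_asan(ASAN_REPORT)
    print(t.bug_class, t.access, t.size, t.frames[0])
    print(t.dedup_key("/libmysofa/"))
```

Two crashes with the same dedup key point at the same out-of-bounds read in mysofa_loudness even when the heap address differs between runs.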
We have contacted a member of the hoene/libmysofa team and are waiting to hear back.