You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[BUG]heap-buffer-overflow at src/include/OpenImageIO/detail/farmhash.h in OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*) in openimageio
#4550
Open
Frank-Z7 opened this issue
Dec 2, 2024
· 0 comments
We discovered a heap overflow bug in src/include/OpenImageIO/detail/farmhash.h while fuzzing iconvert and oiiotool.
The latest version also has this vulnerability.
Version
# ./bin/oiiotool --version
3.1.0.0dev
# ./bin/iconvert -v
iconvert: Must have both an input and output filename specified.
iconvert -- copy images with format conversions and other alterations
OpenImageIO 3.1.0.0dev http://www.openimageio.org
Description
Dear developers,
We discovered a heap overflow bug in src/include/OpenImageIO/detail/farmhash.h while fuzzing iconvert and oiiotool.
The latest version also has this vulnerability.
Version
PoC
poc1iconvert: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/poc1iconvert
poc1oiio: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/poc1oiio
Reproduction
Address Sanitizer log
Environment
Thanks for your time!
The text was updated successfully, but these errors were encountered: