[Pkg-libburnia-devel] Bug#872545: libisofs6: heap-based buffer overflow in read_aaip_AL()
scdbackup at gmx.net
Fri Aug 18 13:04:56 UTC 2017
my valgrind even says:
valgrind: the 'impossible' happened:
Killed by fatal signal
The trigger is an AAIP AL entry of length 4. The minimum size of an AL
entry is 6. This assumption made the code too optimistic about the
"Preventing buffer overflow with AAIP AL entry of insufficient size.
Debian bug 872545. Thanks Jakub Wilk and American Fuzzy Lop."
Have a nice day :)
More information about the Pkg-libburnia-devel