You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
Version
img2sixel 1.8.6, commit id 6a5be8b (Tue Jan 14 02:27:00 2020 +0900)
Reproduction
# img2sixel -w 128 poc /tmp/foo
ASAN:DEADLYSIGNAL
=================================================================
==1596536==ERROR: AddressSanitizer: FPE on unknown address 0x55718c759aa0 (pc 0x55718c759aa0 bp 0x7fff1eb09d20 sp 0x7fff1eb09cf0 T0)
#0 0x55718c759a9f in sixel_encoder_do_resize /root/programs/libsixel/src/encoder.c:633
#1 0x55718c75b5e5 in sixel_encoder_encode_frame /root/programs/libsixel/src/encoder.c:968
#2 0x55718c760d75 in load_image_callback /root/programs/libsixel/src/encoder.c:1679
#3 0x55718c7c883d in load_gif /root/programs/libsixel/src/fromgif.c:671
#4 0x55718c7c0d74 in load_with_builtin /root/programs/libsixel/src/loader.c:908
#5 0x55718c7c19cb in sixel_helper_load_image_file /root/programs/libsixel/src/loader.c:1418
#6 0x55718c7612e7 in sixel_encoder_encode /root/programs/libsixel/src/encoder.c:1743
#7 0x55718c7549ee in main /root/programs/libsixel/converters/img2sixel.c:457
#8 0x7f382df64c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
#9 0x55718c752109 in _start (/root/programs/libsixel/build_asan/bin/img2sixel+0x5e109)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE /root/programs/libsixel/src/encoder.c:633 in sixel_encoder_do_resize
==1596536==ABORTING
Description
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
Version
img2sixel 1.8.6, commit id 6a5be8b (Tue Jan 14 02:27:00 2020 +0900)
Reproduction
poc.zip
Platform
The text was updated successfully, but these errors were encountered: