Hu-Hongyan commented on PR #14623:
URL: https://github.com/apache/incubator-mxnet/pull/14623#issuecomment-1107865447
I triggered the vulnerability in the C library Libtiff 4.0.9 when I used
an older version of incubator-mxnet, causing an out-of-bounds write in the buffer.
A call chain that reaches the vulnerable function TIFFSeek() is as follows:
```
(python code) mxnet/image.py: def imread(filename, *args, **kwargs)
(libmxnet.so) imgcodecs/src/loadsave.cpp: Mat imread( const String& filename, int flags );
(libopencv.so) imgcodes/src/grfmt_tiff.cpp: bool TiffDecoder::readData( Mat& img );
(libopencv.so) imgcodes/src/grfmt_tiff.cpp: bool TiffDecoder::readData_32FC1(Mat& img);
(libtiff.so) libtiff/tif_read.c: int TIFFReadScanline(TIFF* tif, void* buf, uint32 row, uint16 sample);
(libtiff.so) libtiff/tif_read.c: static int TIFFSeek(TIFF* tif, uint32 row, uint16 sample );
```
I have upgraded to incubator-mxnet's newest version to avoid the issues.
I am giving the info in this report for sharing. It seems that our Python projects
should keep an eye on the CVEs of C libraries.
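One way to act on the report's closing point, as an added example that is not part of the original comment or of the MXNet project: the script finds libtiff among the shared objects mapped into a Python process (Linux `/proc/<pid>/maps` format) and asks the library for its release version through libtiff's `TIFFGetVersion()`. The sample maps lines, banner and paths are constructed, and the flagged set holds only the 4.0.9 version named in the report.

```python
import ctypes
import os
import re

# Constructed sample of /proc/<pid>/maps after importing an image library
# (paths are illustrative, not taken from the report).
SAMPLE_MAPS = """\
7f1c2a000000-7f1c2a200000 r-xp 00000000 08:01 131 /opt/venv/lib/mxnet/libmxnet.so
7f1c2b000000-7f1c2b080000 r-xp 00000000 08:01 212 /usr/lib/libopencv_imgcodecs.so.3.2.0
7f1c2c000000-7f1c2c070000 r-xp 00000000 08:01 377 /usr/lib/libtiff.so.5.3.0
7f1c2c070000-7f1c2c074000 rw-p 00070000 08:01 377 /usr/lib/libtiff.so.5.3.0
7f1c2d000000-7f1c2d021000 rw-p 00000000 00:00 0 [heap]
"""
# Constructed banner in the format TIFFGetVersion() returns.
SAMPLE_BANNER = "LIBTIFF, Version 4.0.9\nCopyright (c) 1988-1996 Sam Leffler"
# Version named in the report; extend this set from your own advisory feed.
FLAGGED = {(4, 0, 9)}

def mapped_libraries(maps_text, name="libtiff"):
    """Unique paths of mapped shared objects whose file name is <name>.so[.N...]."""
    pattern = re.compile(rf"{re.escape(name)}\.so(\.|$)")
    paths = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # addr perms offset dev inode [path]
        if len(fields) == 6 and pattern.match(os.path.basename(fields[5])):
            paths.add(fields[5])
    return sorted(paths)

def parse_banner(banner):
    """Extract the release version tuple from a TIFFGetVersion() banner."""
    m = re.search(r"Version (\d+(?:\.\d+)+)", banner)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def loaded_version(path):
    """The soname suffix is an ABI version, so ask the library for its release."""
    lib = ctypes.CDLL(path)
    lib.TIFFGetVersion.restype = ctypes.c_char_p
    return parse_banner(lib.TIFFGetVersion().decode("ascii", "replace"))

def audit(maps_text, version_of=loaded_version, flagged=FLAGGED):
    """Return (path, version, is_flagged) for every mapped libtiff."""
    rows = []
    for path in mapped_libraries(maps_text):
        version = version_of(path)
        rows.append((path, version, version in flagged))
    return rows

if __name__ == "__main__":
    # Live use on Linux: import the package under audit (e.g. mxnet) first.
    with open("/proc/self/maps") as fh:
        for row in audit(fh.read()):
            print(row)
```

Running the audit after the imports a service actually performs shows the native libraries that were really loaded, which a check of Python package versions alone does not reveal.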