Public bug reported:

environment

$ uname -a
Linux 6176901723ae 5.15.0-122-generic #132-Ubuntu SMP Thu Aug 29 13:45:52 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

build setting

$ git clone https://git.launchpad.net/ubuntu/+source/midicsv
( also possible https://www.fourmilab.ch/webtools/midicsv/#Download )

$ head Makefile
CC = clang
CFLAGS = -g -Wall -fsanitize=address
INSTALL_DEST = /usr/local
# You shouldn't need to change anything after this line
VERSION = 1.1
PROGRAMS = midicsv csvmidi

( edit Makefile for address sanitizer )

When I run the attached poc file, a heap buffer overflow error occurs as follows.
The following is the ASAN crash log that occurred when I ran the poc.

$ ./midicsv /tmp/poc/poc34
0, 0, Header, 1, 2, -6177
1, 0, Start_track
1, 0,
2, 0, Start_track
2, 1, Text_t, "@KMIDI KARAOKE FILE"
2, 1, Text_t, "note track"
2, 1, Tempo, 500000
2, 1, Key_signature, 0, "minor"
=================================================================
==48573==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x606000000060 at pc 0x0000004ede9d bp 0x7ffee71d8d30 sp 0x7ffee71d8d28
READ of size 1 at 0x606000000060 thread T0
    #0 0x4ede9c in vlength /tmp/midicsv/midicsv.c:44:18
    #1 0x4ec018 in trackcsv /tmp/midicsv/midicsv.c:115:17
    #2 0x4ebd26 in main /tmp/midicsv/midicsv.c:505:2
error: failed to decompress '.debug_aranges', zlib is not available
error: failed to decompress '.debug_info', zlib is not available
error: failed to decompress '.debug_abbrev', zlib is not available
error: failed to decompress '.debug_line', zlib is not available
error: failed to decompress '.debug_str', zlib is not available
error: failed to decompress '.debug_loc', zlib is not available
error: failed to decompress '.debug_ranges', zlib is not available
    #3 0x7fa13ebc1082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
    #4 0x41c2ed in _start (/tmp/midicsv/midicsv+0x41c2ed)

** Affects: midicsv (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "poc34"
   https://bugs.launchpad.net/bugs/2087779/+attachment/5836120/+files/poc34

https://bugs.launchpad.net/bugs/2087779

Title:
  heap-buffer overflow in midicsv.c:44
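An added example, not midicsv's code and not part of the report above: the trace shows a 1-byte read past a heap allocation inside vlength, called from trackcsv. Assuming vlength decodes MIDI variable-length quantities (an inference from its name), the code below shows a decoder that carries the remaining byte count and returns an error instead of reading past the end of the track. The names vlq_read and count_meta_events and the sample byte arrays are constructed for illustration, and the walker handles meta events only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample tracks (not taken from the attached poc). */
static const uint8_t good_trk[] = { 0x00, 0xFF, 0x51, 0x03, 0x07, 0xA1, 0x20,
                                    0x00, 0xFF, 0x2F, 0x00 };
/* Key signature event followed by a delta-time whose continuation bit
 * is set on the last byte of the buffer. */
static const uint8_t cut_trk[]  = { 0x00, 0xFF, 0x59, 0x02, 0x00, 0x01, 0x81 };

/* Decode one variable-length quantity from buf[0..len).
 * Returns bytes consumed (1..4), or 0 if the input ends before the
 * terminating byte or the quantity exceeds the 4-byte SMF maximum. */
size_t vlq_read(const uint8_t *buf, size_t len, uint32_t *out)
{
    uint32_t value = 0;
    for (size_t i = 0; i < len && i < 4; i++) {
        value = (value << 7) | (uint32_t)(buf[i] & 0x7F);
        if ((buf[i] & 0x80) == 0) { *out = value; return i + 1; }
    }
    return 0;
}

/* Walk a track body made only of meta events:
 *   <delta VLQ> 0xFF <type> <length VLQ> <data...>
 * Returns the event count, or -1 as soon as any field would extend
 * past the end of the buffer. */
int count_meta_events(const uint8_t *trk, size_t len)
{
    size_t pos = 0;
    int events = 0;
    while (pos < len) {
        uint32_t delta, dlen;
        size_t n = vlq_read(trk + pos, len - pos, &delta);
        if (n == 0) return -1;
        pos += n;
        if (len - pos < 2 || trk[pos] != 0xFF) return -1;
        pos += 2;                          /* status byte + meta type */
        n = vlq_read(trk + pos, len - pos, &dlen);
        if (n == 0) return -1;
        pos += n;
        if (dlen > len - pos) return -1;   /* declared data overruns track */
        pos += dlen;
        events++;
    }
    return events;
}

int main(void)
{
    printf("good: %d\n", count_meta_events(good_trk, sizeof good_trk));
    printf("cut:  %d\n", count_meta_events(cut_trk, sizeof cut_trk));
    return 0;
}
```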
