| author | Nguyễn Gia Phong <cnx@loang.net> | 2025-02-20 10:53:19 +0900 |
|---|---|---|
| committer | Nguyễn Gia Phong <cnx@loang.net> | 2025-02-21 11:25:15 +0900 |
| commit | fabc7926ac82b069018c079cfca439dc81bc8aa8 (patch) | |
| tree | ec240e6a3a42ac4e951267704034e043529b8f31 | |
| parent | 8328e7dead68674fd0eedd1804ca4488da054971 (diff) | |
| download | loftix-fabc7926ac82b069018c079cfca439dc81bc8aa8.tar.gz | |
Add ASan'ed libjpeg-turbo 2.0.1 for CVE-2018-19664
| -rw-r--r-- | REUSE.toml | 5 | ||||
| -rw-r--r-- | bugs/README.md | 6 | ||||
| -rw-r--r-- | bugs/cve/2018/19664/heap-buffer-overflow-2.jpg | bin | 0 -> 9756 bytes | |||
| -rw-r--r-- | loftix/bugs.scm | 19 |
4 files changed, 30 insertions, 0 deletions
diff --git a/REUSE.toml b/REUSE.toml index 2d6dbd6..bf5beed 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -65,6 +65,11 @@ path = 'bugs/cve/2018/14498/*.bmp' SPDX-FileCopyrightText = '2018 Hongxu Chen' [[annotations]] +path = 'bugs/cve/2018/19664/heap-buffer-overflow-2.jpg' +SPDX-FileCopyrightText = '2018 cool-tomato' +SPDX-License-Identifier = 'CC0-1.0' + +[[annotations]] path = 'bugs/cve/2019/9077/hbo2' SPDX-FileCopyrightText = '2019 陈鹏' SPDX-License-Identifier = 'CC0-1.0' diff --git a/bugs/README.md b/bugs/README.md index 6a3ba1c..cc493a5 100644 --- a/bugs/README.md +++ b/bugs/README.md @@ -67,6 +67,11 @@ cjpeg -outfile /dev/null cve/2018/14498/hbo_rdbmp.c:211_1.bmp cjpeg -outfile /dev/null cve/2018/14498/hbo_rdbmp.c:211_2.bmp +- CVE-2018-19664: [heap buffer overflow][libjpeg-turbo-305] + + guix shell libjpeg-turbo@2.0.1 + djpeg -colors 256 -bmp cve/2018/19664/heap-buffer-overflow-2.jpg + ## libxml2 - CVE-2017-5969: [null pointer derefence][oss-sec-20161105-3] @@ -86,6 +91,7 @@ [jasper-67]: https://github.com/jasper-software/jasper/issues/67 [libarchive-717]: https://github.com/libarchive/libarchive/issues/717 [libjpeg-turbo-258]: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258 +[libjpeg-turbo-305]: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305 [mozjpeg-268]: https://github.com/mozilla/mozjpeg/issues/268 [oss-sec-20161105-3]: https://www.openwall.com/lists/oss-security/2016/11/05/3 [redhat-955808]: https://bugzilla.redhat.com/show_bug.cgi?id=955808 diff --git a/bugs/cve/2018/19664/heap-buffer-overflow-2.jpg b/bugs/cve/2018/19664/heap-buffer-overflow-2.jpg new file mode 100644 index 0000000..dbe6a9f --- /dev/null +++ b/bugs/cve/2018/19664/heap-buffer-overflow-2.jpg Binary files differdiff --git a/loftix/bugs.scm b/loftix/bugs.scm index bbd7446..51997dc 100644 --- a/loftix/bugs.scm +++ b/loftix/bugs.scm 
@@ -143,6 +143,25 @@ (arguments '(#:make-flags '("CFLAGS=-O2 -g -fsanitize=address" "LDFLAGS=-static -fsanitize=address"))))) +(define-public libjpeg-turbo-2.0.1-asan + (package + (inherit libjpeg-turbo) + (name "libjpeg-turbo") + (version "2.0.1") + (source (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/libjpeg-turbo/" + version "/libjpeg-turbo-" version ".tar.gz")) + (sha256 + (base32 + "1zv6z093l3x3jzygvni7b819j7xhn6d63jhcdrckj7fz67n6ry75")))) + (arguments '(#:phases (modify-phases %standard-phases + (add-before 'configure 'set-env + (lambda _ + (setenv "CFLAGS" "-O2 -g -fsanitize=address") + (setenv "LDFLAGS" "-fsanitize=address")))) + #:configure-flags '("-DCMAKE_INSTALL_LIBDIR:PATH=lib"))))) + (define-public libxml2-2.9.4 (package (inherit libxml2) |
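Review bot: The new `libjpeg-turbo-2.0.1-asan` definition has no comment saying it is a deliberately vulnerable build, yet its `(name "libjpeg-turbo")` and `(version "2.0.1")` make it resolve as `libjpeg-turbo@2.0.1` for anyone with this channel enabled, which is the spec the README hunk in this commit relies on. A comment above the definition would make the intent explicit, for example `;; Known-vulnerable (CVE-2018-19664) and ASan-instrumented: for reproducing the bug only, never as an input to other packages`. Separately, `-O2` without `-fno-omit-frame-pointer` can leave ASan's allocation and free stacks truncated, so `(setenv "CFLAGS" "-O2 -g -fsanitize=address -fno-omit-frame-pointer")` may be worth considering. The neighbouring package in the context lines uses the same `-O2 -g -fsanitize=address`, so the same point would apply there.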
