[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ccd2cue] Heap corruption bugs
|
From: |
Adam |
|
Subject: |
[ccd2cue] Heap corruption bugs |
|
Date: |
Mon, 12 Mar 2018 18:49:44 -0500 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
We found some heap corruption bugs while fuzzing. Attached are inputs
which cause the crash, descriptions of where the errors in the code are,
and some notes about the impact.
We decided to report these issues to the ccd2cue support email address
rather than posting them publicly on the bug reporting mailing list. We
leave it up to you to decide if they should be posted there before they
are fixed. Our disclosure policy is to not post publicly about
potential security issues until they are either patched, or 45 days
after the initial bug report. The full policy is located here:
https://raw.githubusercontent.com/grimm-co/NotQuite0DayFriday/master/disclosure.txt
--Adam
ccd2cue-0.5-bugs.tar.xz
Description: application/xz
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [ccd2cue] Heap corruption bugs,
Adam <=