Hello,
I have been testing my new fuzz tester recently. I found a crash when testing the gif2tga program. After analysis, the vulnerability appears in the following code snippet:
    if(v!=i->gce.transparent_color || !i->gce.transparent_flag) {
    #ifndef NGIFLIB_INDEXED_ONLY
        if(p->mode & NGIFLIB_MODE_INDEXED) {
    #endif /* NGIFLIB_INDEXED_ONLY */
            *context->frbuff_p.p8 = v;
    #ifndef NGIFLIB_INDEXED_ONLY
        } else
            *context->frbuff_p.p32 = v < i->ncolors ?
                GifIndexToTrueColor(i->palette, v) : 0;
    #endif /* NGIFLIB_INDEXED_ONLY */
    }
I think it is caused by the LoadGIF function not checking the file structure, resulting in too many memory addresses being allocated.
The condition for the vulnerability to be triggered is:
gif2tga poc.gif
The poc file is

by Kaiyu Xie
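Added illustration, not part of the report above and not ngiflib's code: the crash site is a pixel store through `frbuff_p`, and the reporter's diagnosis is that LoadGIF does not validate the file structure before the frame buffer is written. The example below, with hypothetical names (`struct screen`, `struct image_desc`, `image_fits_screen`, `put_pixel8`, `fill_image`), shows the two defensive checks a decoder would want: reject an image descriptor whose rectangle does not fit the logical screen (using 32-bit arithmetic so the 16-bit fields cannot wrap), and bounds-check every store against the allocated buffer so a malformed file can at most truncate the image rather than write out of bounds. The image sizes are constructed test values.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical minimal decoder state; these are not ngiflib's real structs. */
struct screen {
    uint16_t width, height;   /* logical screen size from the GIF header */
    uint8_t *frbuff;          /* indexed frame buffer, width*height bytes */
    size_t frbuff_len;        /* bytes actually allocated */
};

struct image_desc {
    uint16_t left, top, width, height;  /* image descriptor fields */
};

/* Structural check: the image rectangle must fit inside the logical screen.
   Widening to uint32_t means left+width cannot wrap the 16-bit field. */
int image_fits_screen(const struct screen *s, const struct image_desc *d) {
    if (d->width == 0 || d->height == 0) return 0;
    if ((uint32_t)d->left + d->width > s->width) return 0;
    if ((uint32_t)d->top + d->height > s->height) return 0;
    return 1;
}

/* Bounds-checked pixel store: returns 1 on success, 0 (and writes nothing)
   if (x, y) lies outside the allocated frame buffer. */
int put_pixel8(struct screen *s, uint32_t x, uint32_t y, uint8_t v) {
    if (x >= s->width || y >= s->height) return 0;
    size_t off = (size_t)y * s->width + x;
    if (off >= s->frbuff_len) return 0;   /* guards against a short allocation */
    s->frbuff[off] = v;
    return 1;
}

/* Stand-in for the decode loop: fills the descriptor's rectangle with one
   palette index. Returns the number of pixels written, or -1 if the
   descriptor was rejected before any write happened. */
long fill_image(struct screen *s, const struct image_desc *d, uint8_t v) {
    if (!image_fits_screen(s, d)) return -1;
    long n = 0;
    for (uint32_t y = d->top; y < (uint32_t)d->top + d->height; y++)
        for (uint32_t x = d->left; x < (uint32_t)d->left + d->width; x++)
            n += put_pixel8(s, x, y, v);
    return n;
}

/* Allocate the frame buffer from the logical screen size. */
int screen_init(struct screen *s, uint16_t w, uint16_t h) {
    if (w == 0 || h == 0) return 0;
    s->width = w;
    s->height = h;
    s->frbuff_len = (size_t)w * h;
    s->frbuff = calloc(s->frbuff_len, 1);
    return s->frbuff != NULL;
}

int main(void) {
    struct screen s;
    if (!screen_init(&s, 8, 8)) return 1;
    /* Constructed descriptors: one fits the 8x8 screen, one overflows it. */
    struct image_desc ok  = {2, 2, 4, 4};
    struct image_desc bad = {6, 6, 4, 4};
    printf("ok:  %ld pixels written\n", fill_image(&s, &ok, 1));
    printf("bad: %ld (descriptor rejected)\n", fill_image(&s, &bad, 1));
    free(s.frbuff);
    return 0;
}
```

Running the program writes the 16 in-bounds pixels for the first descriptor and rejects the second with -1 before touching the buffer. The descriptor check is the cheap, early validation the report asks for; the per-store check is the backstop that keeps a decoder from corrupting memory even if a later structural check is missed.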