GIFLIB:memory leak in GIF2RGB

Description

giflib is a library for reading and writing gif images. It is API and ABI compatible with libungif which was in wide use while the LZW compression algorithm was patented.

The GIF2RGB function in gif2rgb.c allows attackers to cause a denial of service (memory leak) via a crafted file.

#gif2rgb -o out.gif $FILE

=================================================================
==124794==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 1156 byte(s) in 34 object(s) allocated from:
#0 0x7f6288723bb8 in interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x4039bf in GIF2RGB /home/haojun/Downloads/testopensourcecode/giflib-5.1.4/util/gif2rgb.c:392
#2 0x404a7a in main /home/haojun/Downloads/testopensourcecode/giflib-5.1.4/util/gif2rgb.c:525
#3 0x7f62882c2b34 in 
libc_start_main (/lib64/libc.so.6+0x21b34)
Direct leak of 34 byte(s) in 1 object(s) allocated from:
#0 0x7f6288723bb8 in interceptor_malloc ../../../../libsanitizer/asan/asan_malloc_linux.cc:62
#1 0x4037d7 in GIF2RGB /home/haojun/Downloads/testopensourcecode/giflib-5.1.4/util/gif2rgb.c:385
#2 0x404a7a in main /home/haojun/Downloads/testopensourcecode/giflib-5.1.4/util/gif2rgb.c:525
#3 0x7f62882c2b34 in 
libc_start_main (/lib64/libc.so.6+0x21b34)
SUMMARY: AddressSanitizer: 1190 byte(s) leaked in 35 allocation(s).

Affected version:

5.1.4

Fixed version:

N/A

Commit fix:

N/A

Credit: 

ADLab of Venustech.

CVE:

N/A

Reproducer:


Timeline:

2017-04-22:bug discovered

2017-06-20:blog post about the issue


Permalink:
http://somevulnsofadlab.blogspot.com/2017/06/giflibmemory-leak-in-gif2rgb.html

评论

此博客中的热门博文

Poppler:stack buffer overflow in GfxImageColorMap::getGray

LibTIFF:memory leak in _TIFFmalloc

lrzip:stack buffer overflow in get_fileinfo