Mageia Bugzilla – Attachment 12084 Details for
Bug 27746
sam2p missing update for security issue CVE-2017-1462[89], CVE-2017-1463[0167], CVE-2017-16663, CVE-2018-7487, CVE-2018-755[134], CVE-2018-12578, CVE-2018-12601
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
Results of poc tests after update of sam2p
afterwards (text/plain), 2.19 KB, created by
Len Lawrence
on 2020-12-15 16:23:12 CET
(
hide
)
Description:
Results of poc tests after update of sam2p
Filename:
MIME Type:
Creator:
Len Lawrence
Created:
2020-12-15 16:23:12 CET
Size:
2.19 KB
patch
obsolete
>After update of sam2p: > >bug1: >$ sam2p crash1 EPS: /dev/null >terminate called after throwing an instance of 'std::bad_alloc' > what(): std::bad_alloc >Aborted (core dumped) ><Not fixed?> > >bug2: >$ sam2p crash7 EPS: /dev/null >sam2p: Error: PCX: Repeat count too large. ><Good result> > >bug3: >$ sam2p crash8 EPS: /dev/null >... >sam2p: Error: XPM: unpaletted color ><Good result> > >bug4: >$sam2p crash29 EPS: /dev/null >sam2p: Notice: job: read InputFile: crash29 >sam2p: Error: applyProfile: invalid combination, no applicable OutputRule >sam2p: Notice: applyProfile: trying OutputRule #0 >sam2p: Notice: applyProfile: trying OutputRule #1 >.... >sam2p: Notice: applyProfile: trying OutputRule #55 ><Probaby good> > >bug5: >$ sam2p crash30 EPS: /dev/null >sam2p: Error: XPM: unknown color: 0#0C1A42 ><Good result> > >bug6: >$ sam2p crash36 EPS: /dev/null >terminate called after throwing an instance of 'std::bad_alloc' > what(): std::bad_alloc >Aborted (core dumped) ><Not fixed> > >CVE-2017-16663 >$ sam2p input_bmp_ci_311.bmp EPS: /dev/null >sam2p: Error: BMP: Image too large. ><Good result> >$ sam2p input-bmp_ci_348.bmp EPS: /dev/null >sam2p: Error: BMP: Image too large. ><Good result> > >CVE-2017-7487 >$ sam2p 003-LoadPCX-heapover EPS: /dev/null >sam2p: Error: PCX: bperlin too large ><Good result> > >CVE-2018-7551 >$ sam2p 009-heap EPS: /dev/null >sam2p: Error: PCX: bperlin too large ><Good result> > >CVE-2018-7554 >$ sam2p 013-freenomalloc-readimage EPS:/dev/null >Success. ><Same as before - good result> > >CVE-2018-12578 >sam2p sam2p000_id412_heap-buffer-overflow try.bmp >sam2p: Error: Filter::UngetFileD: error open4read: sam2p000_id412_heap-buffer-overflow ><Success reported before - still a good result> > >CVE-2018-12601 >$ sam2p sam2p000_id083_heap-buffer-overflow_in_input-tga try.bmp >sam2p: Error: Filter::UngetFileD: error open4read: sam2p000_id083_heap-buffer-overflow_in_input-tga ><Good result> > > >Most of these show an improvement over the previous results but bug1 and bug6 fail the poc tests so may not have been fixed - CVE-2017-{14628,14637}(?). >The bug numbers may be matched against these CVEs - not explicitly stated under issue 14. >bug1 = CVE-2017-14628 >bug2 ~ CVE-2017-14629 >bug3 ~ CVE-2017-14630 >bug4 ~ CVE-2017-14631 >bug5 ~ CVE-2017-14636 >bug6 ~ CVE-2017-14637 >
After update of sam2p: bug1: $ sam2p crash1 EPS: /dev/null terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted (core dumped) <Not fixed?> bug2: $ sam2p crash7 EPS: /dev/null sam2p: Error: PCX: Repeat count too large. <Good result> bug3: $ sam2p crash8 EPS: /dev/null ... sam2p: Error: XPM: unpaletted color <Good result> bug4: $sam2p crash29 EPS: /dev/null sam2p: Notice: job: read InputFile: crash29 sam2p: Error: applyProfile: invalid combination, no applicable OutputRule sam2p: Notice: applyProfile: trying OutputRule #0 sam2p: Notice: applyProfile: trying OutputRule #1 .... sam2p: Notice: applyProfile: trying OutputRule #55 <Probaby good> bug5: $ sam2p crash30 EPS: /dev/null sam2p: Error: XPM: unknown color: 0#0C1A42 <Good result> bug6: $ sam2p crash36 EPS: /dev/null terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted (core dumped) <Not fixed> CVE-2017-16663 $ sam2p input_bmp_ci_311.bmp EPS: /dev/null sam2p: Error: BMP: Image too large. <Good result> $ sam2p input-bmp_ci_348.bmp EPS: /dev/null sam2p: Error: BMP: Image too large. <Good result> CVE-2017-7487 $ sam2p 003-LoadPCX-heapover EPS: /dev/null sam2p: Error: PCX: bperlin too large <Good result> CVE-2018-7551 $ sam2p 009-heap EPS: /dev/null sam2p: Error: PCX: bperlin too large <Good result> CVE-2018-7554 $ sam2p 013-freenomalloc-readimage EPS:/dev/null Success. <Same as before - good result> CVE-2018-12578 sam2p sam2p000_id412_heap-buffer-overflow try.bmp sam2p: Error: Filter::UngetFileD: error open4read: sam2p000_id412_heap-buffer-overflow <Success reported before - still a good result> CVE-2018-12601 $ sam2p sam2p000_id083_heap-buffer-overflow_in_input-tga try.bmp sam2p: Error: Filter::UngetFileD: error open4read: sam2p000_id083_heap-buffer-overflow_in_input-tga <Good result> Most of these show an improvement over the previous results but bug1 and bug6 fail the poc tests so may not have been fixed - CVE-2017-{14628,14637}(?). The bug numbers may be matched against these CVEs - not explicitly stated under issue 14. bug1 = CVE-2017-14628 bug2 ~ CVE-2017-14629 bug3 ~ CVE-2017-14630 bug4 ~ CVE-2017-14631 bug5 ~ CVE-2017-14636 bug6 ~ CVE-2017-14637
View Attachment As Raw
Actions:
View
Attachments on
bug 27746
:
12083
| 12084 |
12085