Mageia Bugzilla – Attachment 12085 Details for
Bug 27746
sam2p missing update for security issue CVE-2017-1462[89], CVE-2017-1463[0167], CVE-2017-16663, CVE-2018-7487, CVE-2018-755[134], CVE-2018-12578, CVE-2018-12601
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
Series of poc tests on sam2p before update
before (text/plain), 6.21 KB, created by
Len Lawrence
on 2020-12-15 16:25:41 CET
(
hide
)
Description:
Series of poc tests on sam2p before update
Filename:
MIME Type:
Creator:
Len Lawrence
Created:
2020-12-15 16:25:41 CET
Size:
6.21 KB
patch
obsolete
>Before update: >bug1: >$ sam2p crash1 EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >terminate called after throwing an instance of 'std::bad_alloc' > what(): std::bad_alloc >Aborted (core dumped) > >bug2: >$ sam2p crash7 EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >sam2p: Warning: PCX: PCX file appears to be truncated. >sam2p: Notice: job: read InputFile: crash7 >sam2p: Notice: writeTTT: using template: l23 >sam2p: Notice: applyProfile: applied OutputRule #43 using applier PSL23+PDF >sam2p: Notice: job: written OutputFile: /dev/null >Success. >munmap_chunk(): invalid pointer >Aborted (core dumped) > >bug3: >$ sam2p crash8 EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >Segmentation fault (core dumped) > >bug4: >$ sam2p crash29 EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >Segmentation fault (core dumped) > >bug5: >$ sam2p crash30 EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >Segmentation fault (core dumped) > >bug6: >$ sam2p crash36 EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >terminate called after throwing an instance of 'std::bad_alloc' > what(): std::bad_alloc >Aborted (core dumped) > >CVE-2017-16663 >https://github.com/pts/sam2p/issues/16 >input_bmp_ci_311.bmp, input-bmp_ci_348.bmp >$ sam2p input_bmp_ci_311.bmp EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >terminate called after throwing an instance of 'std::bad_alloc' > what(): std::bad_alloc >Aborted (core dumped) >$ sam2p input-bmp_ci_348.bmp EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >terminate called after throwing an instance of 'std::bad_alloc' > what(): std::bad_alloc >Aborted (core dumped) > >CVE-2017-7487 >https://github.com/pts/sam2p/issues/18 >$ file 003-LoadPCX-heapover >003-LoadPCX-heapover: PCX ver. 3.0 image data bounding box [12336, 12336] - [12336, 12336], 5 planes each of 1-bit 12336 x 12336 dpi, RLE compressed > >$ sam2p 003-LoadPCX-heapover EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >sam2p: Warning: PCX: PCX file appears to be truncated. >sam2p: Warning: PCX: Error reading PCX colormap. Using grayscale. >Segmentation fault (core dumped) > >CVE-2018-7551 >https://github.com/pts/sam2p/issues/28 >$ sam2p 011-freenomalloc-minips EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >sam2p: Notice: job: read InputFile: 011-freenomalloc-minips >sam2p: Notice: writeTTT: using template: l23ind1 >sam2p: Notice: applyProfile: applied OutputRule #9 using applier PSL23+PDF >sam2p: Notice: job: written OutputFile: /dev/null >Success. > >CVE-2018-7553 >https://github.com/pts/sam2p/issues/32 >$ sam2p 009-heap EPS: /dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >free(): invalid next size (normal) >Aborted (core dumped) > >CVE-2018-7554 >https://github.com/pts/sam2p/issues/29 >$ sam2p 013-freenomalloc-readimage EPS:/dev/null >013-freenomalloc-readimage: PC bitmap, OS/2 1.x format, 1 x 4 >lcl@difda:Downloads $ sam2p 013-freenomalloc-readimage EPS:/dev/null >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >sam2p: Notice: job: read InputFile: 013-freenomalloc-readimage >sam2p: Notice: writeTTT: using template: l1op >sam2p: Notice: applyProfile: applied OutputRule #0 using applier P-TrOpBb >sam2p: Notice: job: written OutputFile: /dev/null >Success. > >CVE-2018-12578 >https://github.com/pts/sam2p/issues/39 >$ sam2p sam2p000_id412_heap-buffer-overflow try.bmp >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >sam2p: Notice: job: read InputFile: sam2p000_id412_heap-buffer-overflow >sam2p: Notice: SampleFormat: Gray8 would be better than Indexed8 >sam2p: Notice: applyProfile: applied OutputRule #24 using applier BMP >sam2p: Notice: job: written OutputFile: try.bmp >Success. > >CVE-2018-12601 >https://github.com/pts/sam2p/issues/41 >$ sam2p sam2p000_id083_heap-buffer-overflow_in_input-tga try.bmp >This is sam2p 0.49.3. >Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. >Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. >sam2p: Warning: TGA: bit image, 13 bit alpha is greater than 8 total bits per pixel >sam2p: Warning: TGA: reducing to * bit alpha: 0 >sam2p: Warning: TGA: error reading; ftell == 87 >Segmentation fault (core dumped)
Before update: bug1: $ sam2p crash1 EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted (core dumped) bug2: $ sam2p crash7 EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. sam2p: Warning: PCX: PCX file appears to be truncated. sam2p: Notice: job: read InputFile: crash7 sam2p: Notice: writeTTT: using template: l23 sam2p: Notice: applyProfile: applied OutputRule #43 using applier PSL23+PDF sam2p: Notice: job: written OutputFile: /dev/null Success. munmap_chunk(): invalid pointer Aborted (core dumped) bug3: $ sam2p crash8 EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. Segmentation fault (core dumped) bug4: $ sam2p crash29 EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. Segmentation fault (core dumped) bug5: $ sam2p crash30 EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. Segmentation fault (core dumped) bug6: $ sam2p crash36 EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted (core dumped) CVE-2017-16663 https://github.com/pts/sam2p/issues/16 input_bmp_ci_311.bmp, input-bmp_ci_348.bmp $ sam2p input_bmp_ci_311.bmp EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted (core dumped) $ sam2p input-bmp_ci_348.bmp EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted (core dumped) CVE-2017-7487 https://github.com/pts/sam2p/issues/18 $ file 003-LoadPCX-heapover 003-LoadPCX-heapover: PCX ver. 3.0 image data bounding box [12336, 12336] - [12336, 12336], 5 planes each of 1-bit 12336 x 12336 dpi, RLE compressed $ sam2p 003-LoadPCX-heapover EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. sam2p: Warning: PCX: PCX file appears to be truncated. sam2p: Warning: PCX: Error reading PCX colormap. Using grayscale. Segmentation fault (core dumped) CVE-2018-7551 https://github.com/pts/sam2p/issues/28 $ sam2p 011-freenomalloc-minips EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. sam2p: Notice: job: read InputFile: 011-freenomalloc-minips sam2p: Notice: writeTTT: using template: l23ind1 sam2p: Notice: applyProfile: applied OutputRule #9 using applier PSL23+PDF sam2p: Notice: job: written OutputFile: /dev/null Success. CVE-2018-7553 https://github.com/pts/sam2p/issues/32 $ sam2p 009-heap EPS: /dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. free(): invalid next size (normal) Aborted (core dumped) CVE-2018-7554 https://github.com/pts/sam2p/issues/29 $ sam2p 013-freenomalloc-readimage EPS:/dev/null 013-freenomalloc-readimage: PC bitmap, OS/2 1.x format, 1 x 4 lcl@difda:Downloads $ sam2p 013-freenomalloc-readimage EPS:/dev/null This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. sam2p: Notice: job: read InputFile: 013-freenomalloc-readimage sam2p: Notice: writeTTT: using template: l1op sam2p: Notice: applyProfile: applied OutputRule #0 using applier P-TrOpBb sam2p: Notice: job: written OutputFile: /dev/null Success. CVE-2018-12578 https://github.com/pts/sam2p/issues/39 $ sam2p sam2p000_id412_heap-buffer-overflow try.bmp This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. sam2p: Notice: job: read InputFile: sam2p000_id412_heap-buffer-overflow sam2p: Notice: SampleFormat: Gray8 would be better than Indexed8 sam2p: Notice: applyProfile: applied OutputRule #24 using applier BMP sam2p: Notice: job: written OutputFile: try.bmp Success. CVE-2018-12601 https://github.com/pts/sam2p/issues/41 $ sam2p sam2p000_id083_heap-buffer-overflow_in_input-tga try.bmp This is sam2p 0.49.3. Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP LBM XPM PCX TGA. Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb. sam2p: Warning: TGA: bit image, 13 bit alpha is greater than 8 total bits per pixel sam2p: Warning: TGA: reducing to * bit alpha: 0 sam2p: Warning: TGA: error reading; ftell == 87 Segmentation fault (core dumped)
View Attachment As Raw
Actions:
View
Attachments on
bug 27746
:
12083
|
12084
| 12085