What is the vulnerability?
A null pointer dereference was discovered in abcm2ps (8.14.6-master). It can be triggered by sending a crafted abc file to the abcm2ps binary. It allows an attacker to cause a denial of service (segmentation fault) or possibly have unspecified other impacts when a victim opens a specially crafted file.
Synopsis-: We discovered a null pointer dereference in draw_bar() at draw.c:1211. s2->abc_type is not being validated. Due to the lack of validation of s2->abc_type, a null pointer dereference occurs.
abcm2ps-8.14.6 (2019-11-05)
File NPD2
NPD2:20:36: error: Not a note
20 [B,,3G,3][B,,G,]- [B,,4G,4]|[_B,,3F,#][B,,F,]- [B,,4F,4]|
^
NPD2:32:24: error: Not a note
32 !fp![E,4G,4C4]- [E,3/G,3 program 53
^
NPD2:32:32: error: Not a note
32 !fp![E,4G,4C4]- [E,3/G,3 program 53
^
NPD2:32:17: error: Chord not closed
32 !fp![E,4G,4C4]- [E,3/G,3 program 53
^
NPD2:34:23: error: Not a note
34 !fp!!3![=B,4D4F4]- [B,3?D3/F3/][B,/D/F/][U,3/D3/G3/][B,/D/A/] ([B,4D4A4]!...
^
NPD2:34:42: error: Not a note
34 !fp!!3![=B,4D4F4]- [B,3?D3/F3/][B,/D/F/][U,3/D3/G3/][B,/D/A/] ([B,4D4A4]!...
^
NPD2:36:21: error: Non standard measure repeat syntax
36 [C,,4E,,4G,,4C,4]- [3/]!2!E,/!3!D,3/!4!C,/ (!2!^F,4G,2)z _A,,|\
^
NPD2:32:16: error: Bad character 'm'
NPD2:32:16: error: Bad character 'r'
NPD2:32:16: error: Bad character 'o'
NPD2:32:16: error: Bad character 'r'
NPD2:32:16: error: Bad character 'p'
NPD2:34:40: error: Bad character 'U'
NPD2:34:84: error: Decoration !3Trompette! not defined
NPD2:36:19: warning: Line underfull (270pt of 682pt)
NPD2:32:4: error: Bad tie
==15190== Invalid read of size 1
==15190== at 0x128E32: draw_bar (draw.c:1211)
==15190== by 0x128E32: draw_systems (draw.c:4593)
==15190== by 0x1382AE: delayed_output (music.c:5063)
==15190== by 0x1382AE: output_music (music.c:5114)
==15190== by 0x13D9C0: generate (parse.c:1041)
==15190== by 0x13DF27: gen_ly (parse.c:1062)
==15190== by 0x143F07: do_tune (parse.c:3635)
==15190== by 0x115B61: abc_parse (abcparse.c:179)
==15190== by 0x12DEE3: txt_add_eos (front.c:379)
==15190== by 0x12E373: frontend (front.c:891)
==15190== by 0x110F1C: treat_file (abcm2ps.c:240)
==15190== by 0x11013B: main (abcm2ps.c:1041)
==15190== Address 0x38 is not stack'd, malloc'd or (recently) free'd
Segmentation fault
Affected version-: 8.14.6-master
Command-: ./abcm2ps $POC
Reproducer file-: Reproducer
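Added example, not code from abcm2ps or from the original report: a sketch of why a NULL `s2` shows up in the Valgrind trace as a 1-byte read at `0x38` (base pointer plus field offset), next to a lookup that checks the pointer itself before reading any field. `struct sym`, its layout, the type tags, `fault_addr` and both `find_next_*` functions are hypothetical; placing the field at offset 0x38 is an assumption chosen to match the trace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { T_NOTE = 1, T_BAR = 2 };      /* constructed type tags */

/* Hypothetical node, NOT abcm2ps's real symbol struct. The padding is an
 * assumption that puts the 1-byte type field at offset 0x38. */
struct sym {
    unsigned char pad[0x38];
    unsigned char abc_type;          /* offset 0x38 */
    struct sym *next;
};

/* Address touched when reading base->abc_type: base + field offset.
 * For base == NULL that is 0x38, the unmapped address Valgrind reports. */
uintptr_t fault_addr(uintptr_t base) {
    return base + offsetof(struct sym, abc_type);
}

/* Unguarded pattern, for comparison only: trusts that a symbol of the
 * wanted type always follows. At the end of the list s2 becomes NULL and
 * the loop condition reads s2->abc_type, i.e. 1 byte at address 0x38. */
const struct sym *find_next_unchecked(const struct sym *s, int type) {
    const struct sym *s2 = s->next;
    while (s2->abc_type != type)
        s2 = s2->next;
    return s2;
}

/* Guarded pattern: validate the pointer before any field of it. */
const struct sym *find_next_checked(const struct sym *s, int type) {
    const struct sym *s2;
    for (s2 = s ? s->next : NULL; s2 != NULL; s2 = s2->next)
        if (s2->abc_type == type)
            return s2;
    return NULL;                     /* caller must handle "not found" */
}

int main(void) {
    struct sym bar = { {0}, T_BAR, NULL };   /* constructed: last symbol */
    printf("NULL->abc_type reads address 0x%lx\n", (unsigned long)fault_addr(0));
    printf("checked lookup past end: %s\n",
           find_next_checked(&bar, T_NOTE) ? "found" : "none");
    return 0;
}
```

A small non-zero fault address such as `0x38` in a trace usually points at a field read through a NULL struct pointer, so the check belongs on the pointer, not on the field.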