[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: libass ass_outline.c signed integer overflow
From: Ian Zimmerman <itz () very ! loosely ! org>
Date: 2020-11-19 5:34:16
Message-ID: 20201119053416.vfvkqvgsmbmp2wnd () moyka
[Download RAW message or body]
On 2020-09-29 08:19, Fstark wrote:
> In `ass_outline_construct`'s call to `outline_stroke` a signed integer
> overflow happens *(undefined behaviour)*. On my machine signed overflow
> happens to wrap around to a negative value, thus failing the assert.
> https://github.com/libass/libass/issues/431
>
> https://github.com/libass/libass/pull/432
I have followed the links above, and this seems to be an example of a
situation where the CVE process has failed. It is still not fixed in
Debian, possibly for that reason. I'll report a Debian bug today.
--
Ian
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic