Thanks to visit codestin.com
Credit goes to github.com

Skip to content
This repository was archived by the owner on Jan 15, 2019. It is now read-only.
This repository was archived by the owner on Jan 15, 2019. It is now read-only.

Out-of-bound write #10

Open
Open
Out-of-bound write#10
@D4rkD0g

Description

@D4rkD0g
D4rkD0g
opened on Oct 23, 2018

sirius@lambda:~/Desktop/stegdetect-master$ valgrind ./stegdetect -tF ../crashes/id:000001,sig:11,src:000000,op:flip1,pos:297
==91335== Memcheck, a memory error detector
==91335== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==91335== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==91335== Command: ./stegdetect -tF ../crashes/id:000001,sig:11,src:000000,op:flip1,pos:297
==91335==
==91335== Invalid write of size 4
==91335== at 0x40ACF5: f5_compress (f5.c:126)
==91335== by 0x40BE79: detect_f5 (f5.c:505)
==91335== by 0x4067C7: detect (stegdetect.c:1213)
==91335== by 0x402087: main (stegdetect.c:1568)
==91335== Address 0x80 is not stack'd, malloc'd or (recently) free'd
==91335==
==91335==
==91335== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==91335== Access not within mapped region at address 0x80
==91335== at 0x40ACF5: f5_compress (f5.c:126)
==91335== by 0x40BE79: detect_f5 (f5.c:505)
==91335== by 0x4067C7: detect (stegdetect.c:1213)
==91335== by 0x402087: main (stegdetect.c:1568)
==91335== If you believe this happened as a result of a stack
==91335== overflow in your program's main thread (unlikely but
==91335== possible), you can try to increase the size of the
==91335== main thread stack using the --main-stacksize= flag.
==91335== The main thread stack size used in this run was 8388608.
==91335==
==91335== HEAP SUMMARY:
==91335== in use at exit: 143,896 bytes in 79 blocks
==91335== total heap usage: 83 allocs, 4 frees, 150,144 bytes allocated
==91335==
==91335== LEAK SUMMARY:
==91335== definitely lost: 108,664 bytes in 3 blocks
==91335== indirectly lost: 0 bytes in 0 blocks
==91335== possibly lost: 0 bytes in 0 blocks
==91335== still reachable: 35,232 bytes in 76 blocks
==91335== suppressed: 0 bytes in 0 blocks
==91335== Rerun with --leak-check=full to see details of leaked memory
==91335==
==91335== For counts of detected and suppressed errors, rerun with: -v
==91335== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault

2

the poc

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions