Found by static analyzer svace
Static analyzer message: Integer value 'len' obtained from untrusted source at tube.c:374 by passing as 2nd parameter to function 'read&#3...

Found by static analyzer svace
Static analyzer message: Pointer 'dp' is passed to a function at iter_hints.c:401 after the referenced memory was deallocated at iter_hints.c:174 by p...

Found by static analyzer svace
Static analyzer message: Return value of a function 'reply_info_copy' is dereferenced at dns64.c:923 without checking, but it is usually checked for t...

Found by static analyzer svace
Static analyzer message: Array 'token' of size 65536 bytes passed to function 'rrinternal_parse_rdata' at str2wire.c:679 by passing as...

I was playing with libFuzzer and found heap-buffer-overflow.
**pos is dereferenced before it is checked via *pos == end. This leads
to out of bounds access when *pos == end.
You can build Docker fr...

Hi, I was playing with libFuzzer and found crash when opening xlsx-file with xlnt::workbook::load function. Segmentation fault occurs when loading crash-3bb6db12fd7659ef690ddb7208a1cb990feda70b.txt...

I've got an input to reach unsigned integer overflow error in sldns/parseutil.c:272 in sldns_str2period function, that leads to incorrect conversation from string to uint32_t. Also, other a...

Hi, I was playing with libFuzzer and found crash when opening xlsx-file with OpenXLSX::XLDocument::open function. Exception occurs when opening crash-cd5bb1b9addfd97940dd1a3ed9a7bd590471c2a0.txt fi...

🐛 Describe the bug Hi, I was doing some fuzzing with libFuzzer and found heap buffer overflow in third-party project miniz-2.0.8. Here is the crash input: crash-66b9f45360e6bf5130fb8a6f624f3a3eac54...

🐛 Describe the bug Hi, I found uncaught exception during testing with libFuzzer. The out_of_range exception occurs at /pytorch/aten/src/ATen/core/ivalue_inl.h:501 during execution of torch::jit::lo...

Hi! I found heap-buffer-overflow( occurs at /src/lib/protocols/irc.c:522:10) during testing with libFuzzer. nDPI Environment: OS name: Ubuntu OS version: 20.04.4 LTS (Focal Fossa) Architecture: x86...

Hi! I found heap-buffer-overflow ( occurs at src/lib/protocols/syslog.c:87:9 ) during testing with libFuzzer. nDPI Environment: OS name: Ubuntu OS version: 20.04.4 LTS (Focal Fossa) Architecture: x...

Hi!
We were doing some fuzzing using libFuzzer and symbolic execution tool Sydr for fuzz targets from this PR. And we found an interesting issue. Loop at wav_io.cc:233 could be endless under certai...

Hi! I've been fuzzing your project and found heap-buffer-overflow in find_name. In loop in line 1457 of cairo-truetype-subset.c when i = 422 record has 0x6220000014ce address,...

Hi! I've been fuzzing your project and found integer overflow in readPatternDictSeg. In the line 2505 of JBIG2Stream.cc you use (grayMax + 1) * patternW as second arg...

Hi! I've been fuzzing your project and found heap-buffer-overflow in poppler_page_find_text_with_options. In line 858 of poppler-page.cc you use text as first arg of...

While calling pam_start and using some invalid paths in the configuration file included using include/substack, a pointer of a high value address is dereferenced. Steps to reproduce /etc/pam.d/cras...

System information (version) OpenCV version => a42b355 (4.x) Operating System => Ubuntu 20.04 Compiler => clang-14 Detailed denoscription Hi! We've been fuzzing your proj...