Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://github.com/libgd/libgd/issues/247#issuecomment-232084241
>
> a read out-of-bound

> AddressSanitizer: heap-buffer-overflow
> READ of size 4

> The problem is
> https://github.com/libgd/libgd/blob/gd-2.2.2/src/gd_tga.c#L102. In
> this case tga->bits == TGA_BPP_8 && tga->alphabits == 1, but the code
> in the if body assumes tga->bits == TGA_BPP_32. The comment above the
> respective code block already hints, that this combination is not
> supported. The condition is supposed to be:
>
>    } else if (tga->bits == TGA_BPP_32 && tga->alphabits) {

> https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7

> the libgd developers confirmed that this issue is not the
> same as CVE-2016-6132

Use CVE-2016-6214.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXhoP0AAoJEHb/MwWLVhi2CXgP/0BrhP3KJ9rAB74j3KghawYu
7sVjfO28PWfCd4aEhor1/T4UFWU7u2LWJ2uBfMG+aDbUOn3WHezSo1+6HreoJmRn
X95QK52iQ7/+9ZcO0+AqbRkiP/ZhkRBq9q5jzfSDSBKwPwgc+wkYj3CvaSD9f1A7
zqJ2+y65l1jceyc/ytmFM4vA0vfRVKwaNCrYCYTVxfqPUoSZqsOTpp3yoj0l4kZM
MJs7fVPbkeyWK+5S80VgSMSMoRAezackJq3GiTnonbnNn6Zxy8dX0of0eRxfzBVZ
o6EhPWcawE49oOdo50GSWAN+CkPj+HMlT427/DWyvNpcuugxKlEx9eEefzSKdLAW
RqUJde6c3np/tWp0Vl3DMxQEsUojUX1MV294uixvGlh5M4FUmbir/OF8kyEsjRJ1
6ZfoJRaI/JOGTbaEHOy1qjH4FoOXmDUGnDccUs6fv834UOrPVK9vNXlql++8nPxh
JPHDkjv2ZO+MEV+m4EZM7FdA03oK5Hum3qWvnsmqbHMSMfCMQgUcfustMVsEreJF
t5DT04HRFGVfk4DcYMu17bdyPQNPhsfqP9Dx34cHp8FYJ5M/1h9nzjFmKWyf2Tqw
39ua05QjA7VNx/m3XQBnMwKQAGfhKzoQger0mbMPO+E9fENh3PmzWJO02xtkrQAZ
iHWVDcQfP5wIpp/QdtCm
=W+Ut
-----END PGP SIGNATURE-----