We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
If an attacker inputs a maliciously crafted file to opj_decompress, opj_decompress will consume RAM until exhausted.
[19395.257621] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1001.slice/[email protected]/app.slice/app-org.gnome.Terminal.slice/vte-spawn-bfb74d30-24d2-42e9-a6c7-66ba9ccba97e.scope,task=opj_decompress,pid=332886,uid=1001 [19395.257635] Out of memory: Killed process 332886 (opj_decompress) total-vm:21477025544kB, anon-rss:7378548kB, file-rss:0kB, shmem-rss:0kB, UID:1001 pgtables:19316kB oom_score_adj:0
mkdir build && cd build cmake .. make -j `nproc`
opj_decompress -i crash.j2k -o test.pgm
Ubuntu 22.04.2 LTS
The text was updated successfully, but these errors were encountered:
It seems to be the same as issue #1471 . Close this issue.
Sorry, something went wrong.
No branches or pull requests
Expected behavior and actual behavior.
If an attacker inputs a maliciously crafted file to opj_decompress, opj_decompress will consume RAM until exhausted.
dmesg log
poc video
crash.mov
Steps to reproduce the problem.
crash
Operating system
Ubuntu 22.04.2 LTS
openjpeg version
The text was updated successfully, but these errors were encountered: