Giter VIP home page Giter VIP logo

uncontrolled-allocation-fuzzer-testsuite's Introduction

Uncontrolled-memory-allocation-Fuzzer-TestSuite

Uncontrolled-memory-allocation testsuite used for fuzzing experiment

Seeds and POCs are in the folder

If you Cannot reproduce the bug, try to reduce the memory limit. For example:

  • ulimit -a to see the information of memory limit.
  • sudo ulimit -s 8192 or sudo ulimit -s 4096 to reduce the stack size.
  • sudo ulimit -m 36700160 to reduce the memory size.

The detail information of the benchmark can be seen as follow.

1. jasper 2.0.14

  • Bug type: uncontrolled-memory-allocation, memory leak
  • CVE ID:
  • Download: 
    git clone https://github.com/mdadams/jasper
git checkout 1a36ca39da535af2e67848f5f43ffd657746e632
  • Reproduce: jasper --input @@ --output test.bmp --output-format bmp

2. Libming 0.4.8

  • Bug type: uncontrolled-memory-allocation, memory leak
  • CVE ID:
  • Download: 
    git clone https://github.com/libming/libming
git checkout b72cc2fda0e8b3792b7b3f7361fc3f917f269433
  • Reproduce: listswf @@

3. zziplib v0.13.68

  • Bug type: uncontrolled-memory-allocation, memory leak
  • CVE ID:
    • CVE-2018-6869
    • the meory leak is very easy to find in CVE website, lots of memory leak
  • Download: 
    git clone https://github.com/gdraheim/zziplib
git checkout bf4584fb06d5f9c5813616dbadc0129024c9c0f9
  • Reproduce: zzdir @@ || unzzip @@

4. Bento4 1.5.1-627

  • Bug type: uncontrolled-memory-allocation, memory leak
  • CVE ID:
  • Download: 
    git clone https://github.com/axiomatic-systems/Bento4
git checkout 590312125c833bc496faf815c583cfd053509d2c
  • Reproduce: mp42hls @@

5. readelf 2.28

6. exiv2 0.26

  • Bug type: uncontrolled-memory-allocation
  • CVE ID:
  • Download: 
     git clone https://github.com/Exiv2/exiv2
 git checkout fa449a4d2c58d63f0d75ff259f25683a98a44630
  • Reproduce: exiv2 -pX @@

7. openjpeg 2.3.0

  • Bug type: uncontrolled-memory-allocation
  • CVE ID:
  • Download: 
     git clone https://github.com/uclouvain/openjpeg
 git checkout 51f097e6d5754ddae93e716276fe8176b44ec548
  • Reproduce: opj_decompress -i @@ -o ./tmp.png

8. podofo 0.9.5

uncontrolled-allocation-fuzzer-testsuite's People

Contributors

wcventure avatar

Stargazers

avatar

Watchers

James Cloos avatar avatar zhiwu avatar avatar avatar

Forkers

fengjixuchui

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.