Bug #858
Buffer overflow in DcmRLEDecoder::decompress()
Start date:
2018-11-28
Due date:
% Done:
100%
Module:
dcmdata
Operating System:
Compiler:
Description
As a part of medical infrastructure security research, the DeteAct Team started to perform fuzzing of various open source medical data processing libraries.
During fuzzing of the dcm2pnm utility, a memory corruption (buffer overflow) bug was found, which occurs in DcmRLEDecoder::decompress() (file dcrledec.h, line 122). Attached are three sample files that trigger the (same) bug when processed with either dcm2pnm or dcmdrle.
Reported 2018-11-27 by Omar Ganiev <beched@deteact.com>, DeteAct Team, Open Medical Infrastructure Security Project.
History
#1
Updated by Marco Eichelberg over 4 years ago
- File dcm2pnm_case_1 added
- File dcm2pnm_case_3 added
- File dcm2pnm_case_2 added
#2
Updated by Marco Eichelberg over 4 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
- Assignee set to Marco Eichelberg
Closed by commit #40917614e.
#3
Updated by Michael Onken almost 3 years ago
- Target version deleted (
3.6.6)