Note:
This project will be discontinued after December 13, 2021. [more]
2018-04-16
An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.
Products | Gegl |
Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
First patch | - None (likely due to unavailable code) |
Links | https://github.com/xiaoqx/pocs/tree/master/gegl |