CVE-2013-4232 analysis

After a long time, I did some quick analysis. Here are the details for CVE-2013-4232:


If you look at the patch here:



There is only 1 line of code added:

+ return(0);
} else {
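Review bot: the added return(0) just before "} else {" makes the error branch safe only through the early exit, so any later edit that moves or drops that return reopens the fall-through into the code after the if/else. Consider also setting the pointer to NULL where it is freed in that branch, so the path stays safe on its own, and confirm that callers treat the 0 return as failure.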
You see the return statement above? Well, that's it: it's a use-after-free vulnerability. Here is the full code:
"Can't allocate %lu bytes of memory for t2p_readwrite_pdf_image, %s",
(unsigned long) t2p->tiff_datasize,
t2p->t2p_error = T2P_ERR_ERROR;
return(0); /* this is the fix */
} else {
t2p->tiff_datasize *= t2p->tiff_samplesperpixel;
t2p_sample_realize_palette(t2p, buffer); /* if the function does not return on the error path, this call uses buffer, which was already freed, causing the vulnerability */
That's it.
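The control flow described above, as an added example that is not libtiff's code and not from the original post: a constructed model in which the allocation failure is injected and the stale use is counted rather than executed. All names in it (struct image, grow, release, consume, expand_unpatched, expand_patched) are hypothetical.

```c
#include <stdlib.h>

/* Constructed model: every name here is hypothetical, none is libtiff's. */
struct image {
    unsigned char *buf;  /* sample buffer; NULL once released */
    size_t size;         /* bytes in buf */
    int stale_uses;      /* times buf was about to be used after release */
};
/* Allocator stand-in; `fail` injects an allocation failure. */
static void *grow(void *p, size_t n, int fail) { return fail ? NULL : realloc(p, n); }
/* The model nulls the pointer so a stale use is counted, not executed. */
static void release(struct image *im) { free(im->buf); im->buf = NULL; }
static void consume(struct image *im) {  /* stand-in for the buffer's consumer */
    if (im->buf == NULL) { im->stale_uses++; return; } /* real code touches freed memory */
    im->buf[im->size - 1] = 0;
}

/* Before the fix: the error branch releases the buffer but does not return. */
int expand_unpatched(struct image *im, size_t factor, int fail) {
    unsigned char *nb = grow(im->buf, im->size * factor, fail);
    if (nb == NULL) {
        release(im);
    } else {
        im->buf = nb;
        im->size *= factor;
    }
    consume(im);  /* reached on the error path as well */
    return im->buf != NULL;
}

/* After the fix: the error branch returns before the buffer can be used. */
int expand_patched(struct image *im, size_t factor, int fail) {
    unsigned char *nb = grow(im->buf, im->size * factor, fail);
    if (nb == NULL) {
        release(im);
        return 0;
    }
    im->buf = nb;
    im->size *= factor;
    consume(im);
    return 1;
}

int main(void) {  /* exits 0 when only the unpatched path saw a stale use */
    struct image a = { malloc(8), 8, 0 }, b = { malloc(8), 8, 0 };
    expand_unpatched(&a, 3, 1);
    expand_patched(&b, 3, 1);
    return !(a.stale_uses == 1 && b.stale_uses == 0);
}
```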