An issue was discovered in icoutils. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.
Created attachment 1250879: Reporter writeup
Created icoutils tracking bugs for this issue: Affects: fedora-all [bug 1422911]
The patch provided for bug 1422907 should also fix this issue.
Hi Martin, has this been forwarded to upstream? Regards, Salvatore
Hi Salvatore, yes, I sent the patches to upstream but haven't received a reply yet.
Created icoutils tracking bugs for this issue: Affects: epel-6 [bug 1430609]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7, via RHSA-2017:0837 https://rhn.redhat.com/errata/RHSA-2017-0837.html