A flaw was found in fig2dev version 3.2.8a. A global buffer overflow in gensvg.c in the function arrow_path may lead to memory corruption and other potential consequences.
Upstream bug: https://sourceforge.net/p/mcj/tickets/115/
Upstream fix: https://sourceforge.net/p/mcj/fig2dev/ci/8c0917994e49110004a6632d0a66ea19501ad39d/
This is a buffer over-read and not a buffer over-write according to the ASAN log, so it is a much lower-impact bug. No memory corruption can occur just by reading the memory, unless something else is done later.