mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1020 B
1020 B
CVE-2023-45663
Description
stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not checked: In the stbi__hdr_load function and in the stbi__tga_load function. The latter of the two is likely more exploitable as an attacker may also control the size of an uninitialized buffer.
POC
Reference
No PoCs from references.