QT TIFF Processing Out-Of-Bounds Read
Posted by deepcore on May 26, 2021 – 7:12 pm
The QImageReader class can read out-of-bounds when converting a specially-crafted TIFF file into a QImage, where the TIFF tile length is inconsistent with the tile size. This could potentially allow an attacker to determine values in memory based of the QImage pixels, if QT is used to process untrusted images.
Post a reply
You must be logged in to post a comment.