ConcoctionSec comments

Results 5 comments of


                                            ConcoctionSec

heap-buffer-overflow in function sycc420_to_rgb() at openjpeg/src/bin/common/color.c:379

It looks like this. Expect the patch to merge in the main branch.

The exception occurs inside the call: ImfOpenInputFile().

Sorry, because of my negligence to use an empty poc link, the poc link has now been updated. I will look over #248 and try to use the latest version...

The exception occurs inside the call: ImfOpenInputFile().

I saw that in this [issue](https://github.com/AcademySoftwareFoundation/openexr/issues/248), a similar issue was confirmed as CVE-2017-14988.

AddressSanitizer report LeakSanitizer: SEGV when use the posterize

Hello, thank you for your reply, we refer to your comments and added `CFLAGS ?= -g ...` when compiling. The following are the normal operation results and the operation results...

AddressSanitizer report LeakSanitizer: SEGV when use the posterize

> Hi @NISL-SecurityGroup . > > Maybe?: > > ```makefile > CFLAGS ?= -g ... > ``` > > and > > ```shell > > gdb ./posterize > (gdb): r...