PromptFuzz issues

Results 4 issues of


                                            PromptFuzz

An 'outside the range of int' bug found in cJSON_CreateNumber

Hi, UBSAN reported an error in cJSON_CreateNumber. ``` /cjson/src/cjson/cJSON.c:2448:30: runtime error: nan is outside the range of representable values of type 'int' #0 0x55ab38f2da64 in cJSON_CreateNumber /cjson/src/cjson/cJSON.c:2448:30 #1 0x55ab38f2d64c in...

An infinite loop found in cJSON_DeleteItemFromObjectCaseSensitive

Hi, when fuzzing cJSON, there is a timeout reported by ASAN. There might is an infinite loop bug in cJSON_DeleteItemFromObjectCaseSensitive. ``` ==617073== ERROR: libFuzzer: timeout after 241 seconds #0 0x5583f5cf2a41...

Heap-buffer-overflow in pngwrite.c:856:4 in png_write_png

# Summary A heap-buffer-overflow found in `png_write_png`, it could cause 200 bytes out-of-bound read on heap! If the transform flags of `png_write_png` could be controlled by remote attackers, it could...

An infinite loop in png_read_png->..->png_write_row

# Summary A infinite loop bug found in `png_read_png`. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted PNG file. # POC ``` #include #include #include...