Zandronum Chat @
Get the latest version: 2.1.2
Source Code

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002961Zandronum[All Projects] Bugpublic2016-12-16 16:172017-03-06 05:47
Assigned ToTorr Samaho 
PriorityhighSeverityexploitReproducibilityhave not tried
PlatformOSOS Version
Product Version2.1 
Target Version3.0Fixed in Version3.0 
Summary0002961: Code execution vulnerability in Game_Music_Emu
Description [^]

The tl;dr is that Game_Music_Emu has a couple bugs in it that can enable arbitrary code execution by playing a malformed SPC file. The fix is trivial, and already pushed to ZDoom git, but I'm still reporting it here because it's a security bug and fixing it requires rebuilding with an updated libgme if it's statically linked.
Attached Files

- Relationships

-  Notes
User avatar (0016541)
Torr Samaho (administrator)
2016-12-22 19:49

I backported the ZDoom patch.
User avatar (0016951)
Ru5tK1ng (updater)
2017-03-06 05:47

I'm not sure this can be tested unless someone tries to fiddle with a 'dirty' SPC file. I'd say this is safe to close unless someone feels otherwise.

Issue Community Support
This issue is already marked as resolved.
If you feel that is not the case, please reopen it and explain why.
Supporters: No one explicitly supports this issue yet.
Opponents: No one explicitly opposes this issue yet.

- Issue History
Date Modified Username Field Change
2016-12-16 16:17 Balrog New Issue
2016-12-22 19:49 Torr Samaho Note Added: 0016541
2016-12-22 19:49 Torr Samaho Product Version => 2.1
2016-12-22 19:49 Torr Samaho Target Version => 3.0
2016-12-22 19:49 Torr Samaho Assigned To => Torr Samaho
2016-12-22 19:49 Torr Samaho Status new => needs testing
2017-03-06 05:47 Ru5tK1ng Note Added: 0016951
2017-03-06 05:47 Ru5tK1ng Status needs testing => resolved
2017-03-06 05:47 Ru5tK1ng Resolution open => fixed
2017-03-06 05:47 Ru5tK1ng Fixed in Version => 3.0

Questions or other issues? Contact Us.


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker