During construction of a Track_Visual object, corrupted sequence metadata can leave a std::vector<unsigned> uninitialized. When .empty() is called, it attempts to dereference a null object.
*Root Cause:*
- Missing input validation when constructing vectors from parsed boxes.

*Impact:*
- Application crash (DoS).
- Not exploitable for code execution.

*Evidence:*
==1174955==ERROR: AddressSanitizer: SEGV in std::vector<unsigned>::empty()

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
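The missing validation named under Root Cause, shown as an added C++ example that is not part of the original advisory and is not the affected project's code. The box layout and the names SeqBox, parse_seq_box, has_entries_unchecked and TrackVisual are hypothetical, chosen only to illustrate the pattern of calling .empty() on a vector that lives inside an object that was never built.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <utility>
#include <vector>

// Assumed box layout (hypothetical): 4-byte big-endian entry count, then
// that many 4-byte big-endian entries.
struct SeqBox { std::vector<unsigned> entries; };

// Constructed samples: a valid box, and one whose count exceeds the data.
static const uint8_t kGoodBox[] = {0, 0, 0, 2, 0, 0, 0, 7, 0, 0, 0, 9};
static const uint8_t kCorruptBox[] = {0, 0, 0, 5, 0, 0, 0, 7};

static uint32_t be32(const uint8_t* p) {
    return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) |
           (uint32_t(p[2]) << 8) | uint32_t(p[3]);
}

// Returns nullptr when the metadata is truncated or inconsistent.
std::unique_ptr<SeqBox> parse_seq_box(const uint8_t* data, size_t len) {
    if (data == nullptr || len < 4) return nullptr;
    uint32_t count = be32(data);
    if (count > (len - 4) / 4) return nullptr;  // more entries claimed than present
    auto box = std::make_unique<SeqBox>();
    box->entries.reserve(count);
    for (uint32_t i = 0; i < count; ++i)
        box->entries.push_back(be32(data + 4 + 4 * size_t(i)));
    return box;
}

// Unsafe pattern: trusts the parse result. If box is null, .empty() runs on
// a vector inside a null object, which is the SEGV ASan reports.
bool has_entries_unchecked(const SeqBox* box) { return !box->entries.empty(); }

// Hardened: a track is only built from a box that parsed successfully.
struct TrackVisual {
    std::vector<unsigned> seq;
    static std::unique_ptr<TrackVisual> create(const uint8_t* data, size_t len) {
        auto box = parse_seq_box(data, len);
        if (!box) return nullptr;  // reject corrupted metadata up front
        auto track = std::make_unique<TrackVisual>();
        track->seq = std::move(box->entries);
        return track;
    }
};
```
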
