libredwg
libredwg copied to clipboard
LibreDWG
Official mirror of libredwg. With CI hooks and nightly releases. PR's ok
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==8989==ERROR: AddressSanitizer: heap-use-after-free on address 0x7ffff7e35838 at pc 0x0000007106ca bp...
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==8993==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x611000000144 at pc 0x0000007064dc bp...
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==8995==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62e00000ac80 at pc 0x0000004bc125 bp...
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==8997==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000000730 at pc 0x000000517369 bp...
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==8999==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed:...
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==9541==ERROR: AddressSanitizer: attempting double-free on 0x61a000000100 in thread T0: #0...
### system info Ubuntu x86_64, clang 6.0, dwg2dxf([0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608)) ### Command line ./programs/dwg2dxf -b -m @@ -o /dev/null ### AddressSanitizer output ==9543==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffffffc8f0 at pc 0x0000007257bb bp...
# Vulnerability description version: [0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608) & latest commit [f2dea29](https://github.com/LibreDWG/libredwg/commit/f2dea296a0a3bb16afdae8d2ca16749a617a4383) poc: [poc](https://github.com/0xdd96/PoC/raw/main/libredwg/UAF-bit_copy_chain) command: ./dwgrewrite poc **_This is similar to issue #364 and others, but it seems that the patch https://github.com/LibreDWG/libredwg/commit/e95cc1eea8744c40e298208679eda14039b9b5d3 has...
I think the GeoJSON export feature is barely usable at this moment. GeoJSON should follow WGS84/EPSG:4326 https://datatracker.ietf.org/doc/html/rfc7946. So, I think the workflow should be like: 1. Check if there is...
@rurban In the BLOCK_HEADER table entry is after name address of entity in block list. How could I process this address?
