Evince Integer Overflow and Truncation Due to Type Promotion in TIFF Backend

Posted on Thu 01 August 2024 in Thought, vulnerability research and discovery • Tagged with chronicles, vulnerability research, vulnerability discovery, type promotion

I have been pretty facinated with type promotion bugs in the recent months. Why? Because I love when there is some crazy mixed data types with arithmetic. Something about math (in)correctly implemented always makes me geek out. For those not familiar with Type promotion, it's when data type values …


Continue reading