[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-82271":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":14,"subscribersCount":14,"size":14,"stars1d":12,"stars7d":15,"stars30d":16,"stars90d":14,"forks30d":14,"starsTrendScore":17,"compositeScore":18,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":19,"fork":19,"defaultBranch":20,"hasWiki":21,"hasPages":19,"topics":22,"createdAt":9,"pushedAt":9,"updatedAt":23,"readmeContent":24,"aiSummary":25,"trendingCount":14,"starSnapshotCount":14,"syncStatus":13,"lastSyncTime":26,"discoverSource":27},82271,"exr-imageio-poc","Billy-Ellis\u002Fexr-imageio-poc","Billy-Ellis","PoC for CVE-2026-28990, an ImageIO bug patched in iOS\u002FmacOS 26.5",null,"Python",43,6,2,0,8,12,18,56.74,false,"main",true,[],"2026-06-12 04:01:37","# exr-imageio-poc\nPoC for an integer overflow vulnerability in ImageIO patched in iOS\u002FmacOS 26.5\n\n## The vulnerability\n\nThere was an integer overflow in function `EXRReadPlugin::decodeBlockAppleEXR` prior to iOS\u002FmacOS 26.5 when calculating the size of a buffer.\n\nIt is possible to cause memory corruption by having the multiplication of the supplied image's `width` and `height` values wrap-around to `0`, and subsequently call `malloc_type_malloc` with a very small size.\n\nSupplying an image file containing excess pixel data results in a heap overflow and a crash:\n```\n  thread #5, queue = 'com.apple.root.user-interactive-qos', stop reason = EXC_GUARD (code=1, subcode=0x4141414141414151)\n    frame #0: 0x00000001855ba8c8 libdispatch.dylib`_dispatch_root_queue_drain + 176\nlibdispatch.dylib`_dispatch_root_queue_drain:\n->  0x1855ba8c8 \u003C+176>: ldr    x8, [x0, #0x10]!\n    0x1855ba8cc \u003C+180>: cbz    x8, 0x1855bab2c ; \u003C+788>\n    0x1855ba8d0 \u003C+184>: str    x8, [x20, #0x68]\n    0x1855ba8d4 \u003C+188>: mov    x0, x20\nTarget 0: (exr_parser) stopped.\n```\n\nFull technical write-up available [here](https:\u002F\u002Fzygosec.com\u002Fblog)\nVideo explanation available [here](https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=nPuU_9Kbb5o)\n","这个项目是一个针对CVE-2026-28990漏洞的概念验证（PoC），该漏洞存在于iOS\u002FmacOS 26.5之前的ImageIO组件中。项目通过Python语言实现，展示了如何利用`EXRReadPlugin::decodeBlockAppleEXR`函数中的整数溢出缺陷，导致内存破坏。具体来说，当提供的图像文件的宽度和高度值相乘后发生溢出至0时，会触发一个非常小尺寸的内存分配请求，进而引发堆溢出并使程序崩溃。此项目适用于安全研究人员或开发者学习和理解特定类型的软件漏洞及其利用方法，并可用于测试相关系统补丁的有效性。","2026-06-11 04:08:12","CREATED_QUERY"]