Open Asset Import Library Assimp Heap-Based Buffer Overflow Vulnerability in Version 6.0.2

Vulnerability

A heap-based buffer overflow vulnerability has been identified in Open Asset Import Library (Assimp) version 6.0.2. The issue arises in the function ODDLParser::getNextSeparator, located in the OpenDDLParserUtils.h file. This vulnerability can be exploited locally, and a public proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability leads to a heap-based buffer overflow, which can commonly result in arbitrary code execution or a program crash.

Reproduction

The vulnerability can be reproduced by compiling Assimp with the Clang compiler, version 13.0.1, using the C++17 standard, with AddressSanitizer and UndefinedBehaviorSanitizer enabled. After the build, the fuzzer included with the library is run against the parser with a crafted input file that triggers the buffer overflow. AddressSanitizer catches the resulting memory corruption and reports it as a heap-buffer-overflow error.
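
An added example, not part of the original advisory or of Assimp: a short Python triage helper that checks whether an AddressSanitizer report from a run like the one described above is a heap-buffer-overflow whose faulting stack passes through ODDLParser::getNextSeparator. The report text, addresses, paths, line numbers, access kind and the frame named example_parser_caller are constructed for illustration.

```python
import re

# Constructed, simplified ASan report: addresses, PID, paths, line numbers,
# access kind and caller frames are placeholders, not output of the real PoC.
SAMPLE_REPORT = """\
==4242==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000131 at pc 0x0000004f2a10 bp 0x7ffc0a1b2c30 sp 0x7ffc0a1b2c28
READ of size 1 at 0x602000000131 thread T0
    #0 0x4f2a0f in ODDLParser::getNextSeparator /build/placeholder/OpenDDLParserUtils.h:0:0
    #1 0x4f3b21 in example_parser_caller /build/placeholder/caller.cpp:0:0
    #2 0x4a1c33 in LLVMFuzzerTestOneInput /build/placeholder/fuzzer.cpp:0:0

0x602000000131 is located 0 bytes to the right of 1-byte region [0x602000000130,0x602000000131)
allocated by thread T0 here:
    #0 0x49d2ad in operator new[](unsigned long) /build/placeholder/asan_new_delete.cpp:0:0
    #1 0x4a1b90 in LLVMFuzzerTestOneInput /build/placeholder/fuzzer.cpp:0:0

SUMMARY: AddressSanitizer: heap-buffer-overflow /build/placeholder/OpenDDLParserUtils.h:0:0 in ODDLParser::getNextSeparator
"""

HEADER = re.compile(r"ERROR: AddressSanitizer: (?P<bug>[\w-]+) on address (?P<addr>0x[0-9a-f]+)")
ACCESS = re.compile(r"^(?P<kind>READ|WRITE) of size (?P<size>\d+) at ", re.M)
FRAME = re.compile(r"^[ \t]*#\d+ 0x[0-9a-f]+ in (?P<func>.+?) (?P<loc>\S+)$", re.M)

def parse_asan(report):
    """Return bug type, access kind/size and faulting-stack frames, or None."""
    head = HEADER.search(report)
    if head is None:
        return None
    # The faulting stack is the first run of frames and ends at a blank line;
    # the allocation/free stacks that follow must not be mixed into it.
    crash_block = report[head.start():].split("\n\n", 1)[0]
    access = ACCESS.search(crash_block)
    frames = [(m["func"], m["loc"]) for m in FRAME.finditer(crash_block)]
    return {
        "bug": head["bug"],
        "access": access["kind"] if access else None,
        "size": int(access["size"]) if access else None,
        "frames": frames,
    }

def matches_advisory(report, func="ODDLParser::getNextSeparator", depth=3):
    """True if the report is a heap-buffer-overflow faulting in or near func."""
    info = parse_asan(report)
    if info is None or info["bug"] != "heap-buffer-overflow":
        return False
    return any(func in name for name, _ in info["frames"][:depth])
```

Feeding it the stderr captured from a sanitizer build lets a fuzzing pipeline separate crashes that match this advisory from unrelated findings.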

Added: Oct 5, 2025, 1:16 AM
Updated: Oct 5, 2025, 1:16 AM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 0.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.