The Biosig Project Libbiosig Heap-Based Buffer Overflow Vulnerability in RHS2000 Parsing

Vulnerability

A heap-based buffer overflow vulnerability has been identified in The Biosig Project's libbiosig version 3.9.0 and the master branch (35a819fa). The vulnerability is in the RHS2000 file parsing functionality, where a specially crafted RHS2000 file can lead to arbitrary code execution. The library does not properly validate the size of the data it reads from the file, so that data can overflow the heap-allocated structure it is written to.
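The kind of size validation described above, as an added example that is not libbiosig's code and does not use the RHS2000 layout. The record format, `demo_hdr`, `read_note` and the `PARSE_*` codes are hypothetical names constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record (constructed for this example, not the RHS2000 layout):
 * a 4-byte little-endian length followed by that many payload bytes. */
#define NOTE_CAP 64
typedef struct { char note[NOTE_CAP]; size_t note_len; } demo_hdr;
enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_TOO_LONG = -2 };

/* Copy one length-prefixed field from buf[*pos..len) into hdr->note.
 * The length is file-controlled, so it is checked against the bytes actually
 * present and against the destination capacity before anything is written.
 * Dropping either check turns the memcpy below into a heap overflow or an
 * out-of-bounds read. */
int read_note(const uint8_t *buf, size_t len, size_t *pos, demo_hdr *hdr)
{
    if (*pos > len || len - *pos < 4)
        return PARSE_TRUNCATED;            /* no room for the length field */
    const uint8_t *p = buf + *pos;
    uint32_t n = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
                 (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    if (n > len - *pos - 4)
        return PARSE_TRUNCATED;            /* claims more bytes than exist */
    if (n >= NOTE_CAP)
        return PARSE_TOO_LONG;             /* would not fit with its NUL */
    memcpy(hdr->note, p + 4, n);
    hdr->note[n] = '\0';
    hdr->note_len = n;
    *pos += 4 + (size_t)n;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed inputs: a well-formed field and one whose length lies. */
    const uint8_t ok[]  = {5, 0, 0, 0, 'h', 'e', 'l', 'l', 'o'};
    const uint8_t bad[] = {0xFF, 0xFF, 0, 0, 'A'};
    demo_hdr *hdr = calloc(1, sizeof *hdr);  /* heap-allocated header */
    size_t pos = 0;
    if (!hdr) return 1;
    printf("ok  -> %d\n", read_note(ok, sizeof ok, &pos, hdr));
    pos = 0;
    printf("bad -> %d\n", read_note(bad, sizeof bad, &pos, hdr));
    free(hdr);
    return 0;
}
```

On rejection the function leaves both the header and the read position untouched, so a caller can abort the parse without a partially written structure.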

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to arbitrary code execution.

Reproduction

The vulnerability can be reproduced with a malicious RHS2000 file crafted to exploit the buffer overflow in the libbiosig library. Processing the file with the 'sopen_extended' function triggers the vulnerability, because the file's contents are read without proper size validation. The overflow can be observed by monitoring the application's memory with a tool like AddressSanitizer, which reports the overflow condition when the vulnerable code is executed.

Remediation

Users are advised to update to the patched version of libbiosig, which is available on the project's official website.

Added: Aug 25, 2025, 2:59 PM
Updated: Aug 25, 2025, 2:59 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.