kc3-lang/pkgconf

Browse

Commit 9e16d2709c2e0857c6c0f46869eb6a254444a7d5

Tobias Stoeckmann 2020-05-24T23:13:19

libpkgconf: personality: fix out of boundary access It is possible to set the instruction pointer to undefined values by using an operator larger than ':' in ASCII. Since the personality function array does not have 256 entries, an invalid operator can overflow the array. Proof of concept: $ echo "a _ b" > poc $ ln -s $(which pkgconf) poc-pkgconf $ ./poc-pkgconf 


          

          

        

        


    

  





 kmx.io    
 mail    
 discord

kmxgit v0.4.0