Readline vulnerability report and CVE request for readline vulnerability
From: minipython
Subject: Readline vulnerability report and CVE request for readline vulnerability
Date: Tue, 11 Apr 2023 18:58:14 +0800
Dear bug-readline@gnu.org,
I would like to report some security vulnerabilities that I discovered in Readline and request CVE identifiers. The details of the vulnerabilities are as follows:
Readline version: 8.2
Machine and OS: Ubuntu 20.04.1 x86-64
Compilation flags: "./configure CC=/root/fuzzers/AFLplusplus/afl-clang-fast CXX=/root/fuzzers/AFLplusplus/afl-clang-fast++" with ASan and UBSan instrumentation.
I have uploaded the ASAN information and the vulnerability type, containing 13 vulnerabilities, as attachments to this email.
To reproduce the bug reliably, I made the following modifications:
First, I changed the sprintf function in the fileman code in the examples directory to snprintf (snprintf(syscom, 1024, "ls -FClg %s", arg)) to prevent issues with the fileman code itself.
Then, I tested fileman because it uses many readline functions. I have attached the modified fileman.c code in the attachments.
Finally, I compiled readline and fileman with ASan instrumentation and ran fileman < bug to successfully reproduce the issue. The bugs are also attached.
I apologize that I am not able to provide a proposed fix at this time.
Thank you for your attention to this matter. Please let me know if you require any further information.
Sincerely,
minipython
bug.pdf
Description: Binary data
fileman.c
Description: Binary data
unique_crashes.tar.gz
Description: Binary data
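
The `snprintf` change described in the message bounds the write into `syscom`, but `snprintf` truncates silently when the argument is too long. The following is an added example, not the reporter's attached fileman.c and not readline project code, showing the same call with the return value checked so a truncated command is rejected. The helper name `build_ls_command` and the constant `SYSCOM_SIZE` are assumptions; the size 1024 and the format string are taken from the message.

```c
#include <stdio.h>
#include <string.h>

#define SYSCOM_SIZE 1024   /* buffer size used in the snprintf call quoted above */

/* Hypothetical helper: formats "ls -FClg <arg>" into out.
 * Returns 0 on success, -1 if the result would not fit (or on a
 * formatting error). On failure out is set to the empty string so a
 * truncated command can never be used by the caller. */
int build_ls_command(char *out, size_t out_size, const char *arg)
{
    int n;

    if (out == NULL || out_size == 0)
        return -1;
    if (arg == NULL)
        arg = "";

    n = snprintf(out, out_size, "ls -FClg %s", arg);

    /* snprintf returns the length it WANTED to write, excluding the NUL.
     * A value >= out_size means the output was cut short. */
    if (n < 0 || (size_t)n >= out_size) {
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char syscom[SYSCOM_SIZE];
    char long_arg[2048];            /* constructed oversized input */
    int rc;

    memset(long_arg, 'A', sizeof(long_arg) - 1);
    long_arg[sizeof(long_arg) - 1] = '\0';

    rc = build_ls_command(syscom, sizeof(syscom), "/tmp");
    printf("short arg: rc=%d cmd=\"%s\"\n", rc, syscom);

    rc = build_ls_command(syscom, sizeof(syscom), long_arg);
    printf("long arg:  rc=%d (rejected, buffer left empty)\n", rc);
    return 0;
}
```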