Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 13 Feb 2018 12:04:50 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: GNU patch out of bounds read, null pointer crash and double free

The recent release of GNU patch 2.7.6 fixed an old out of bounds read I
had reported in 2015:

out of bounds read with malformed patch in pch_write_line
https://savannah.gnu.org/bugs/index.php?45990

Commit:
https://git.savannah.gnu.org/cgit/patch.git/commit/src/pch.c?id=a0d7fe4589651c64bd16ddaaa634030bb0455866

I re-checked patch now and found a few more issues:

segfault / null pointer (probably crash only)
https://savannah.gnu.org/bugs/index.php?53132
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a

double free in function another_hunk()
https://savannah.gnu.org/bugs/index.php?53133

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ