| Title | AVL-DiTEST-DiagDev libdoip libdoip==1.0.0 NULL Pointer Dereference |
|---|
| Description | In the reactOnReceivedTcpMessage method, the ROUTINGACTIVATIONREQUEST activation command dynamically allocates an array to routedClientAddress. However, when the activation command is not used and a diagnostic command (8001) is sent directly, routedClientAddress is not allocated. If it is used afterward, it causes the program to crash. |
|---|
| Source | ⚠️ https://github.com/AVL-DiTEST-DiagDev/libdoip/issues/11 |
|---|
| User | susu199 (UID 76394) |
|---|
| Submission | 11/13/2024 07:22 AM (1 Year ago) |
|---|
| Moderation | 11/21/2024 07:55 AM (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 285659 [AVL-DiTEST-DiagDev libdoip 1.0.0 DoIPConnection.cpp reactOnReceivedTcpMessage null pointer dereference] |
|---|
| Points | 18 |
|---|