| عنوان | cflow 1.7 has a stack-overflow at src/parser.c because of recursive call of void func_body() and void parse_variable_declaration(Ident *ident, int parm) |
|---|
| الوصف | There exists stack-overflow because of recursive call of void func_body() and void parse_variable_declaration(Ident *ident, int parm) at cflow-1.7/src/parser.c. This vulnerability may lead to denial of service (DoS) attacks and execution of malicious code. The details are in https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md. I have informed the vendor:https://savannah.gnu.org/bugs/?64119. |
|---|
| المصدر | ⚠️ https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md |
|---|
| المستخدم | DaisyPo (UID 45463) |
|---|
| ارسال | 27/04/2023 04:34 PM (3 سنوات منذ) |
|---|
| الاعتدال | 18/05/2023 02:03 PM (21 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 229373 [GNU cflow 1.7 parser.c func_body/parse_variable_declaration الحرمان من الخدمة] |
|---|
| النقاط | 20 |
|---|