| शीर्षक | Open Babel 3.1.1 / master commit 889c350 Use After Free |
|---|
| विवरण | Open Babel version 3.1.1 (and the latest development branch, commit 889c350) is vulnerable to a heap-use-after-free in the GAMESSOutputFormat::ReadMolecule function. When parsing crafted GAMESS output files, the parser calls OpenBabel::tokenize to split input lines into tokens and then converts one token into an integer using atoi. However, the token string buffer is freed when the token vector is cleared, leaving atoi/strtol with a dangling pointer. This results in a use-after-free and can lead to memory corruption and potential code execution if exploited with a malicious input file. The vulnerability is triggered during file conversion with the fuzz target fuzz_convert but affects the core library functions used in normal conversions as well. |
|---|
| स्रोत | ⚠️ https://github.com/openbabel/openbabel/issues/2834 |
|---|
| उपयोगकर्ता | ahuo (UID 90189) |
|---|
| सबमिशन | 14/09/2025 09:57 AM (10 महीनों पहले) |
|---|
| संयम | 25/09/2025 08:05 PM (11 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 325922 [Open Babel तक 3.1.1 gamessformat.cpp ReadMolecule बफ़र ओवरफ़्लो] |
|---|
| अंक | 20 |
|---|