| Field | Value |
|---|---|
| Title | Davide Faconti BehaviorTree 4.7.0 / master commit 8d47d39 Stack-based Buffer Overflow |
| Description | BehaviorTree.CPP version 4.7.0 (master commit 8d47d39) contains a stack-buffer-overflow vulnerability in the script parser. The vulnerable function ParseScript() (in src/script_parser.cpp) allocates a fixed-size buffer on the stack. The buffer is used to store diagnostic messages produced by ErrorReport. However, these messages can exceed 2048 bytes in length, which causes writes beyond the bounds of error_msgs_buffer. This results in a stack-buffer-overflow, confirmed by AddressSanitizer. |
| Source | https://github.com/BehaviorTree/BehaviorTree.CPP/issues/1006 |
| User | sand (UID 90194) |
| Submission | 2025-09-14 10:36 (7 months ago) |
| Moderation | 2025-09-26 08:34 (12 days later) |
| Status | Accepted |
| VulDB entry | 325955 [BehaviorTree up to 4.7.0 Diagnostic Message /src/script_parser.cpp ParseScript error_msgs_buffer memory corruption] |
| Points | 20 |