| タイトル | Orc discount 3.0.1.2 Memory Corruption |
|---|
| 説明 | A stack-buffer-overflow (stack exhaustion) vulnerability exists in the markdown parsing logic of discount. When processing a maliciously crafted markdown file with excessively nested structures, the compile() function inside markdown.c falls into an uncontrolled deep recursion. This ultimately exhausts the process stack space, causing the application to crash with a DEADLYSIGNAL (Segmentation Fault).
Trigger Condition: The program falls into an excessively deep recursion within the compile() function in markdown.c (line 1445).
./markdown -G crash00.md
Point of Crash: Deep within the recursion stack, compile() invokes the Pp() function (line 1443). Subsequently, Pp() attempts to allocate memory via calloc (line 1214), which triggers a stack-overflow exception caught by AddressSanitizer.
https://github.com/Orc/discount/issues/305 |
|---|
| ソース | ⚠️ https://github.com/Orc/discount/issues/305 |
|---|
| ユーザー | MTHG (UID 83728) |
|---|
| 送信 | 2026年03月09日 17:19 (1 月 ago) |
|---|
| モデレーション | 2026年03月25日 15:19 (16 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 353138 [Orc discount 迄 3.0.1.2 Markdown markdown.c compile サービス拒否] |
|---|
| ポイント | 20 |
|---|