| 제목 | cflow 1.7 has a stack-overflow at src/parser.c because of recursive call of void func_body() and void parse_variable_declaration(Ident *ident, int parm) |
|---|
| 설명 | There exists stack-overflow because of recursive call of void func_body() and void parse_variable_declaration(Ident *ident, int parm) at cflow-1.7/src/parser.c. This vulnerability may lead to denial of service (DoS) attacks and execution of malicious code. The details are in https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md. I have informed the vendor:https://savannah.gnu.org/bugs/?64119. |
|---|
| 원천 | ⚠️ https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md |
|---|
| 사용자 | DaisyPo (UID 45463) |
|---|
| 제출 | 2023. 04. 27. PM 04:34 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 05. 18. PM 02:03 (21 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 229373 [GNU cflow 1.7 parser.c func_body/parse_variable_declaration 서비스 거부] |
|---|
| 포인트들 | 20 |
|---|