| Title | happyfish100 libfastcommon V1.0.84 and earlier Heap-based Buffer Overflow |
|---|---|
| Description | A heap-based buffer overflow vulnerability was found in happyfish100 libfastcommon (affecting version V1.0.84 and prior). The issue occurs in the function base64_decode within the file src/base64.c. The vulnerability is triggered by calculating the length of the destination buffer incorrectly when processing malicious Base64 input with excessive padding or invalid characters. This leads to an out-of-bounds write of a null byte. The issue was reported and discussed in GitHub Issue #55: https://github.com/happyfish100/libfastcommon/issues/55 The vulnerability has been fixed in the master branch via commit 82f66af: https://github.com/happyfish100/libfastcommon/commit/82f66af3e252e3e137dba0c3891570f085e79adf |
| Source | ⚠️ https://github.com/happyfish100/libfastcommon/issues/55 |
| User | liloler (UID 94450) |
| Submission | 2026-01-22 03:20 AM (5 months ago) |
| Moderation | 2026-02-05 08:35 PM (15 days later) |
| Status | Accepted |
| VulDB entry | 344598 [happyfish100 libfastcommon up to 1.0.84 src/base64.c base64_decode memory corruption] |
| Points | 20 |
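
The defensive pattern for this bug class, as an added example (not libfastcommon's code and not the fix in commit 82f66af): a decoder that takes the destination capacity explicitly, rejects excess padding and invalid characters, and reserves the byte for the terminating NUL before writing. The names `safe_b64_decode`, `b64_val` and `dest_cap` are hypothetical, and the standard Base64 alphabet is assumed.

```c
#include <stdio.h>

/* Added example: hypothetical helpers, not taken from libfastcommon. */
static int b64_val(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decode src[0..src_len) into dest, which holds dest_cap bytes INCLUDING
 * room for the trailing NUL. Returns the decoded length, or -1 on malformed
 * input or insufficient capacity. Never writes at or beyond dest[dest_cap]. */
long safe_b64_decode(const char *src, size_t src_len, char *dest, size_t dest_cap)
{
    size_t i, out = 0, pad = 0;
    unsigned int acc = 0, bits = 0;

    if (dest_cap == 0 || src_len % 4 != 0) return -1;
    for (i = 0; i < src_len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c == '=') {
            /* '=' is legal only in the last two positions, at most twice */
            if (i + 2 < src_len || ++pad > 2) return -1;
            continue;
        }
        int v = b64_val(c);
        if (v < 0 || pad > 0) return -1;  /* invalid char, or data after '=' */
        acc = (acc << 6) | (unsigned int)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (out + 1 >= dest_cap) return -1;  /* keep one byte for NUL */
            dest[out++] = (char)((acc >> bits) & 0xFF);
        }
    }
    dest[out] = '\0';  /* out < dest_cap is guaranteed by the check above */
    return (long)out;
}

int main(void)
{
    char buf[8];  /* constructed samples: valid input, then all-padding input */
    printf("%ld\n", safe_b64_decode("aGVsbG8=", 8, buf, sizeof buf));
    printf("%ld\n", safe_b64_decode("====", 4, buf, sizeof buf));
    return 0;
}
```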