Submeter #435372: emqx neuron neuron version ≤ 2.10.0 Buffer Overflowinformação

Títuloemqx neuron neuron version ≤ 2.10.0 Buffer Overflow
DescriçãoThe /api/v2/plugin interface library parameter uses the strcpy function to copy the contents of req->library to cmd.library. This operation poses a risk of buffer overflow since the strcpy function does not check the size of the destination buffer. If the string length in req->library exceeds the capacity of cmd.library, strcpy will continue writing beyond the memory of the destination buffer, leading to a buffer overflow.
Fonte⚠️ https://github.com/emqx/neuron/issues/2280
Utilizador
 susu199 (UID 76394)
Submissão01/11/2024 07h15 (há 2 anos)
Moderação07/11/2024 11h35 (6 days later)
EstadoAceite
Entrada VulDB283410 [emqx neuron até 2.10.0 plugin_handle.c handle_add_plugin Excesso de tampão]
Pontos19

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!