Gửi #654057: Open Babel 3.1.1 / master commit 889c350 Use After Freethông tin

tiêu đềOpen Babel 3.1.1 / master commit 889c350 Use After Free
Mô tảOpen Babel version 3.1.1 (and the latest development branch, commit 889c350) is vulnerable to a heap-use-after-free in the GAMESSOutputFormat::ReadMolecule function. When parsing crafted GAMESS output files, the parser calls OpenBabel::tokenize to split input lines into tokens and then converts one token into an integer using atoi. However, the token string buffer is freed when the token vector is cleared, leaving atoi/strtol with a dangling pointer. This results in a use-after-free and can lead to memory corruption and potential code execution if exploited with a malicious input file. The vulnerability is triggered during file conversion with the fuzz target fuzz_convert but affects the core library functions used in normal conversions as well.
Nguồn⚠️ https://github.com/openbabel/openbabel/issues/2834
Người dùng ahuo (UID 90189)
Đệ trình14/09/2025 09:57 (cách đây 10 các tháng)
Kiểm duyệt25/09/2025 20:05 (11 days later)
Trạng tháiđược chấp nhận
Mục VulDB325922 [Open Babel đến 3.1.1 gamessformat.cpp ReadMolecule tràn bộ đệm]
điểm20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!