| Title | AVL-DiTEST-DiagDev libdoip libdoip==1.0.0 NULL Pointer Dereference |
|---|
| Description | In the reactOnReceivedTcpMessage method, the ROUTINGACTIVATIONREQUEST activation command dynamically allocates an array to routedClientAddress. However, when the activation command is not used and a diagnostic command (8001) is sent directly, routedClientAddress is not allocated. If it is used afterward, it causes the program to crash. |
|---|
| Source | ⚠️ https://github.com/AVL-DiTEST-DiagDev/libdoip/issues/11 |
|---|
| User | susu199 (UID 76394) |
|---|
| Submission | 2024-11-13 07時22分 (6 月前) |
|---|
| Moderation | 2024-11-21 07時55分 (8 days later) |
|---|
| Status | 已接受 |
|---|
| VulDB Entry | 285659 [AVL-DiTEST-DiagDev libdoip 1.0.0 DoIPConnection.cpp reactOnReceivedTcpMessage 拒绝服务] |
|---|
| Points | 18 |
|---|