Stack Overflow in Scanner::EnsureTokensInQueue() #655
Comments
Is there a patch available for this vulnerability?
Merged
I just reviewed #807. Sorry for the delay.
Would you be merging it?
When the review comments are addressed.
…On Wed, Apr 8, 2020 at 2:23 AM Nicole ***@***.***> wrote:
I just reviewed #807. Sorry for the delay.
Would you be merging it?
Thanks in advance !
So was this vulnerability patched or what? Unclear.
Yes. #807 was merged.
Stack Overflow in Scanner::EnsureTokensInQueue()
position:code
poc
To reproduce:
./parse < crash2.txt
gdb:
Program received signal SIGSEGV, Segmentation fault.
0x0807598e in YAML::Scanner::EnsureTokensInQueue() ()
ASAN:
ASAN:DEADLYSIGNAL
=================================================================
==2258==ERROR: AddressSanitizer: stack-overflow on address 0xbf338fa0 (pc 0x0814e423 bp 0xbf3393c8 sp 0xbf338f90 T0)
#0 0x814e422 (/home/user/yaml-cpp/build/util/parse+0x814e422)
#1 0x816fd48 (/home/user/yaml-cpp/build/util/parse+0x816fd48)
#2 0x8190a72 (/home/user/yaml-cpp/build/util/parse+0x8190a72)
#3 0x81d5061 (/home/user/yaml-cpp/build/util/parse+0x81d5061)
#4 0x81deb85 (/home/user/yaml-cpp/build/util/parse+0x81deb85)
#5 0x81d511a (/home/user/yaml-cpp/build/util/parse+0x81d511a)
#6 0x81deb85 (/home/user/yaml-cpp/build/util/parse+0x81deb85)
#7 0x81d511a (/home/user/yaml-cpp/build/util/parse+0x81d511a)
#8 0x81deb85 (/home/user/yaml-cpp/build/util/parse+0x81deb85)
#9 0x81d511a (/home/user/yaml-cpp/build/util/parse+0x81d511a)
#10 0x81deb85 (/home/user/yaml-cpp/build/util/parse+0x81deb85)
#11 0x81d511a (/home/user/yaml-cpp/build/util/parse+0x81d511a)
......
#245 0x81d511a (/home/eack/yaml-cpp/build/util/parse+0x81d511a)
#246 0x81deb85 (/home/eack/yaml-cpp/build/util/parse+0x81deb85)
#247 0x81d511a (/home/eack/yaml-cpp/build/util/parse+0x81d511a)
#248 0x81deb85 (/home/eack/yaml-cpp/build/util/parse+0x81deb85)
#249 0x81d511a (/home/eack/yaml-cpp/build/util/parse+0x81d511a)
#250 0x81deb85 (/home/eack/yaml-cpp/build/util/parse+0x81deb85)
SUMMARY: AddressSanitizer: stack-overflow (/home/eack/yaml-cpp/build/util/parse+0x814e422)
==2258==ABORTING
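The two frames that alternate through the ASAN trace above (0x81d511a and 0x81deb85) are the pattern left by mutually recursive parsing that runs until the stack is exhausted. The following C++ is an added example, not code from yaml-cpp or from #807: a recursion depth limit on a recursive-descent parser for an assumed toy grammar of nested `[...]` lists, so that over-deep input is rejected with an exception instead of a SIGSEGV. `kMaxDepth`, `DepthLimit`, `Parser` and `checked_depth` are hypothetical names.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>

constexpr int kMaxDepth = 64;  // assumed limit, far below what the stack holds

// RAII counter: bumps the depth on entry to a recursive call, restores it on
// exit, and throws instead of letting the recursion exhaust the stack.
struct DepthLimit {
  int& depth;
  explicit DepthLimit(int& d) : depth(d) {
    if (depth >= kMaxDepth) throw std::length_error("nesting exceeds kMaxDepth");
    ++depth;
  }
  ~DepthLimit() { --depth; }
};

// Toy grammar (hypothetical): list := '[' items ']', items := (list ','?)*
struct Parser {
  const std::string& in;
  std::size_t pos = 0;
  int depth = 0, max_seen = 0;
  explicit Parser(const std::string& s) : in(s) {}
  void expect(char c) {  // consume c or reject the input
    if (pos >= in.size() || in[pos++] != c) throw std::invalid_argument("malformed");
  }
  void parse_items() {  // recurses back into parse_list for each nested list
    while (pos < in.size() && in[pos] == '[') {
      parse_list();
      if (pos < in.size() && in[pos] == ',') ++pos;
    }
  }
  void parse_list() {
    DepthLimit guard(depth);  // every level of nesting passes through here
    if (depth > max_seen) max_seen = depth;
    expect('[');
    parse_items();
    expect(']');
  }
};

// Nesting depth on success, -1 if the depth limit fired, -2 if malformed.
int checked_depth(const std::string& input) {
  Parser p(input);
  try {
    p.parse_list();
    return p.pos == input.size() ? p.max_seen : -2;
  } catch (const std::length_error&) { return -1; }
  catch (const std::invalid_argument&) { return -2; }
}
```

The guard sits in the one function every nesting level passes through, so the bound holds however the mutual recursion is entered.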