Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CVE-2018-12889] - Heap Buffer Overrun in mkAddToRelayCacheRequest when reading CCNx or NDN binary file #279

Closed
blacksheeep opened this issue Jun 26, 2018 · 1 comment
Assignees

Comments

@blacksheeep
Copy link
Contributor

blacksheeep commented Jun 26, 2018

Description

Heap Buffer Overrun in mkAddToRelayCacheRequest and in ccnl_populate_cache issued by a non null terminated array when reading an binary CCNx or NDN file.

This Heap Buffer Overrun can result in a Heap Corruption when parsing a binary CCNx or NDN file.

Steps to reproduce the issue

The Heap Corruption can be triggered by a binary NDN file with a longer data than indicated by a the corresponding TLV.

@blacksheeep
Copy link
Contributor Author

Fixed by #280

@blacksheeep blacksheeep changed the title Heap Buffer Overrun in mkAddToRelayCacheRequest when reading CCNx or NDN binary file [CVE-2018-12889] - Heap Buffer Overrun in mkAddToRelayCacheRequest when reading CCNx or NDN binary file Jun 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant