Double Free in TCPServer 

Hi there!

I was running my fuzzer in the background when I discovered a double free in the SimpleNetwork TCPServer.

## Impact
Triggering the double free will allow client to crash any SimpleNetwork TCP server remotely.  In other situations, double free vulnerabilities can cause undefined behavior and potentially code execution in the right circumstances.

## Reproduction

#### Create a file with a large amount of random characters 

<img width="528" alt="Screen Shot 2022-07-14 at 4 27 10 PM" src="https://user-images.githubusercontent.com/42481692/179098477-81883e22-5cce-449c-932e-c57e46afe9ef.png">

#### Start a TCP server and send the large file to the server a few consecutive times
<img width="807" alt="Screen Shot 2022-07-14 at 5 06 48 PM" src="https://user-images.githubusercontent.com/42481692/179098638-a128f837-6897-46d1-8ec0-49b3a21ccb1e.png">

#### View the crash and gdb backtrace
<img width="616" alt="Screen Shot 2022-07-14 at 4 30 14 PM" src="https://user-images.githubusercontent.com/42481692/179098694-875cda36-e275-4af1-8f41-64de73f31a39.png">

<img width="872" alt="Screen Shot 2022-07-14 at 5 06 14 PM" src="https://user-images.githubusercontent.com/42481692/179098702-529d5c12-6541-46b1-8082-967c5c0502ae.png">

## Extra Resources
* https://owasp.org/www-community/vulnerabilities/Doubly_freeing_memory
* https://cwe.mitre.org/data/definitions/415.html


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Double Free in TCPServer #22

Impact

Reproduction

Create a file with a large amount of random characters

Start a TCP server and send the large file to the server a few consecutive times

View the crash and gdb backtrace

Extra Resources

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development