There is a NULL pointer dereference vulnerability #1754
Comments
A pull request to fix this would be appreciated.
libarchive: Handle a `calloc` returning NULL (fixes #1754)
How can a null pointer dereference lead to code execution?
Please view the document https://cwe.mitre.org/data/definitions/476.html
If you have a program that maps NULL, you are already asking for trouble. Seriously, a plain NULL pointer dereference is not a code execution bug. Classifications like that are why many people nowadays consider CVEs nearly useless.
If you're going to be reporting security bugs, alleging critical impact, and requesting CVEs that echo this alleged impact, please at least note that platforms where these prerequisites are met are exceedingly rare, and maybe even let us know which platforms that might be running libarchive actually meet these prerequisites. Edit - I originally double-posted this comment thanks to a shoddy internet connection, I've since deleted the duplicate.
Thank you very much for your attention. Because there is no reward for open source projects, I did not conduct in-depth research and reproduce code execution. However, it is true that there is a code vulnerability here. I reported it to the open source project and it has been fixed. If you can't reproduce it, you can only think it can lead to DoS, because the `calloc` function may fail to execute and return a null pointer.
I'll ask MITRE to fix the description. Please note that despite your being a volunteer, I too am a volunteer putting time into this, and there are many others that have to act on CVEs and work around their bad descriptions.
OK, thank you very much for taking the time to confirm. In other future reports, I will try to provide a PoC to avoid wasting time.
Hi, I am a beginner at fixing CVE vulnerability issues, so I want to know how to fix this issue on an Ubuntu 22.04 server.
The software does not check for an error after calling the `calloc` function, which can return a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference or, in some cases, even arbitrary code execution. The vulnerability is here:
In this file:
libarchive/archive_write.c
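
An added example, not part of the original issue and not libarchive's code: a constructor that checks every `calloc` result, plus a small fault-injection sweep that fails each allocation in turn to confirm the error path neither dereferences NULL nor leaks. The `writer` struct and the `fi_calloc`/`fi_free` wrappers are hypothetical names chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Fault injection: the allocation numbered fail_at (1-based) returns NULL. */
static long alloc_calls, fail_at, live;

static void *fi_calloc(size_t n, size_t size)
{
    void *p = (++alloc_calls == fail_at) ? NULL : calloc(n, size);
    live += (p != NULL);           /* track outstanding allocations */
    return p;
}

static void fi_free(void *p)
{
    if (p != NULL) { live--; free(p); }
}

/* Hypothetical object with two allocations (not libarchive's real struct). */
struct writer { unsigned char *buf; size_t buf_size; };

/* Checked constructor: every calloc result is tested before it is used. */
static struct writer *writer_new(size_t buf_size)
{
    struct writer *w = fi_calloc(1, sizeof(*w));
    if (w == NULL)
        return NULL;               /* caller reports out-of-memory */
    w->buf = fi_calloc(1, buf_size);
    if (w->buf == NULL) {          /* undo the first allocation on failure */
        fi_free(w);
        return NULL;
    }
    w->buf_size = buf_size;
    return w;
}

static void writer_free(struct writer *w)
{
    if (w != NULL) { fi_free(w->buf); fi_free(w); }
}

/* Fail allocation 1, then 2, then none; 0 means every case was handled. */
static int sweep_alloc_failures(void)
{
    for (long k = 1; k <= 3; k++) {
        alloc_calls = 0; fail_at = k; live = 0;
        struct writer *w = writer_new(4096);
        if ((k <= 2) != (w == NULL)) return -1;  /* wrong success/failure */
        writer_free(w);
        if (live != 0) return -2;                /* leak on the error path */
    }
    return 0;
}

int main(void) { printf("sweep: %d\n", sweep_alloc_failures()); return 0; }
```

Removing either NULL check makes the sweep crash at the corresponding `k`, which is the behaviour the report describes for an unchecked `calloc`.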