oss-sec mailing list archives

CVE request for buffer overrun in CHICKEN Scheme's substring-index[-ci] procedures

From: Moritz Heidkamp <moritz.heidkamp () bevuta com>
Date: Mon, 12 Jan 2015 17:44:37 +0100

Hello,

I would like to request a CVE for a buffer overrun vulnerability in
CHICKEN Scheme's substring-index[-ci] procedures. This overrun is only
triggered when an integer greater than zero is passed as the optional
START argument. As a work-around users are advised to switch to the
equivalent string-contains procedure from SRFI 13 which is also shipped
with CHICKEN.

All releases of CHICKEN up until 4.9.0.1 are affected.

The issue is fixed by the patch at
http://lists.nongnu.org/archive/html/chicken-hackers/2014-12/txt2UqAS9CtvH.txt. This
fix will be included in the upcoming release versions 4.9.0.2, 4.9.1,
4.10.0, and 5.0.

The patch on the discussion list is
http://lists.nongnu.org/archive/html/chicken-hackers/2014-12/msg00000.html
and it got applied as
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=25db851b902606741b1a520bd7e4a3fbd12c9b2a
and
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=63d0445ed379a43343cfcea7032a284cf7deca2b

For the official announcement, see
http://lists.nongnu.org/archive/html/chicken-users/2015-01/msg00048.html

Regards
Moritz
-- 
bevuta IT GmbH - professional IT solutions
Marktstrasse 10 | http://www.bevuta.com/ | HRB 62476 AG Cologne
D-50968 Cologne | Tel.: +49 221 282678-0 | CEO: Pablo Beyen

Attachment: signature.asc
Description:

Current thread:

CVE request for buffer overrun in CHICKEN Scheme's substring-index[-ci] procedures Moritz Heidkamp (Jan 12)
- Re: CVE request for buffer overrun in CHICKEN Scheme's substring-index[-ci] procedures Peter Bex (Jan 28)
  - Re: CVE request for buffer overrun in CHICKEN Scheme's substring-index[-ci] procedures Moritz Muehlenhoff (Jan 28)
    - Re: CVE request for buffer overrun in CHICKEN Scheme's substring-index[-ci] procedures cve-assign (Jan 28)