oss-sec mailing list archives

CVE request for unchecked size argument in malloc() in CHICKEN Scheme

From: Peter Bex <peter () more-magic net>
Date: Wed, 15 Mar 2017 23:47:49 +0100

Hello all,

I'd like to request a CVE for an unchecked malloc() argument in
CHICKEN Scheme's SRFI-4 vector constructors, when allocating the
vector in unmanaged memory.  Due to the missing range check, this
could result in negative or too small size allocations, which would
result in a crash or a buffer overrun, depending on the size.

This issue affects all current releases of CHICKEN Scheme, including
the latest release, 4.12.0.

The official announcement was made here:
http://lists.gnu.org/archive/html/chicken-announce/2017-03/msg00000.html

Cheers,
Peter Bex

Attachment: signature.asc
Description: Digital signature

Current thread:

CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Bex (Mar 15)
- Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Adam Maris (Mar 16)
  - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Bex (Mar 16)
    - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Korsgaard (Mar 16)
    - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Bex (Mar 16)
    - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Korsgaard (Mar 16)
- Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Don A. Bailey (Mar 16)