oss-sec mailing list archives

Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme

From: "Don A. Bailey" <donb () securitymouse com>
Date: Wed, 15 Mar 2017 17:03:18 -0600

I find this extremely amusing. 

https://www.securitymouse.com/lms-2014-06-23-7

D

On Mar 15, 2017, at 4:47 PM, Peter Bex <peter () more-magic net> wrote:

Hello all,

I'd like to request a CVE for an unchecked malloc() argument in
CHICKEN Scheme's SRFI-4 vector constructors, when allocating the
vector in unmanaged memory.  Due to the missing range check, this
could result in negative or too small size allocations, which would
result in a crash or a buffer overrun, depending on the size.

This issue affects all current releases of CHICKEN Scheme, including
the latest release, 4.12.0.

The official announcement was made here:
http://lists.gnu.org/archive/html/chicken-announce/2017-03/msg00000.html

Cheers,
Peter Bex

Current thread:

CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Bex (Mar 15)
- Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Adam Maris (Mar 16)
  - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Bex (Mar 16)
    - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Korsgaard (Mar 16)
    - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Bex (Mar 16)
    - Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Peter Korsgaard (Mar 16)
- Re: CVE request for unchecked size argument in malloc() in CHICKEN Scheme Don A. Bailey (Mar 16)