oss-sec mailing list archives

Re: ncurses fixes upstream


From: Solar Designer <solar () openwall com>
Date: Wed, 19 Apr 2023 19:23:59 +0200

On Wed, Apr 19, 2023 at 04:55:06PM +0000, Jonathan Bar Or (JBO) wrote:
> Yes, now that the cat is out of the bag there's no point - you can find some POCs here (not every find is covered by a POC, FYI):
> https://drive.google.com/drive/u/0/folders/1XZiHbH7W7is8cwTu7DKrpwBTYuYfRZqE
>
> Note not all of them work on Linux - some are macOS focused too.

I'm attaching the 5 scripts from there to this message for archival,
as-is (text/plain) and in tar.gz (to avoid any mangling).  There's also
Ncurses.pdf, but it's too large for the mailing list because of embedded
screenshots.  SHA-256's of these all:

Alexander

Attachment: cost_oob_read.sh
Attachment: gen_terminfo.py
Attachment: heap_overflow.sh
Attachment: leak.sh
Attachment: type_confusion.sh
Attachment: ncurses-exp.tar.gz