Issue968

Title CVE-2020-14938: An issue was discovered in map.c
Priority important Status open
Assigned To fluzz Keywords
Linked issues Watchers fluzz

Submitted on 2020-06-26 06h42 by Snark, last changed by fluzz.

Messages
Author: Snark Date: 2020-06-26   06h42
This bug was reported against the Debian package but is an upstream issue:

It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
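
Added example, not part of the original report and not FreedroidRPG's code: the unchecked copy pattern described above beside a size-verified version of the same load. The record layout, `LEVEL_TILES_MAX`, `struct level` and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define LEVEL_TILES_MAX 64            /* assumed fixed capacity of the heap buffer */

struct level { uint32_t ntiles; uint8_t *tiles; };  /* tiles: LEVEL_TILES_MAX bytes */

/* Constructed record layout: 4-byte little-endian count, then `count` tile bytes. */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* The reported pattern: the count stored in the file is trusted as-is. */
void load_tiles_unchecked(struct level *lvl, const uint8_t *rec)
{
    lvl->ntiles = read_le32(rec);
    memcpy(lvl->tiles, rec + 4, lvl->ntiles);   /* overflows if count > LEVEL_TILES_MAX */
}

/* Same load with the size verification: returns 0 on success, -1 on rejection. */
int load_tiles_checked(struct level *lvl, const uint8_t *rec, size_t rec_len)
{
    if (rec_len < 4) return -1;                 /* truncated header */
    uint32_t n = read_le32(rec);
    if (n > LEVEL_TILES_MAX) return -1;         /* would overflow the destination */
    if (n > rec_len - 4) return -1;             /* would read past the file data */
    memcpy(lvl->tiles, rec + 4, n);
    lvl->ntiles = n;
    return 0;
}

/* Runs three constructed records through the checked loader; returns rejections. */
int count_rejected(void)
{
    static const uint8_t good[]     = { 3, 0, 0, 0, 'a', 'b', 'c' };
    static const uint8_t oversize[] = { 200, 0, 0, 0, 'x' };    /* count > capacity */
    static const uint8_t cut[]      = { 5, 0, 0, 0, 'x', 'y' }; /* count > data left */
    struct level lvl = { 0, calloc(LEVEL_TILES_MAX, 1) };
    if (!lvl.tiles) return -1;
    int rejected = (load_tiles_checked(&lvl, good, sizeof good) != 0)
                 + (load_tiles_checked(&lvl, oversize, sizeof oversize) != 0)
                 + (load_tiles_checked(&lvl, cut, sizeof cut) != 0);
    free(lvl.tiles);
    return rejected;
}

int main(void) { return count_rejected() == 2 ? 0 : 1; }
```
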
Author: fluzz Date: 2020-06-29   13h49
This should be fixed, indeed.
Related issues: issue951, issue952 (how come we never commented on those ones???)

But, however, if one tries to crash FDRPG with a malicious, I bet he will find thousands of ways. Do we really have to protect against intentional corruptions?
History
Date User Action Args
2020-06-29 13:49:37  fluzz  set  assignedto: fluzz
                                 messages: + msg3692
                                 nosy: + fluzz
2020-06-26 06:42:08  Snark  create