Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20200419190928.GA145297@ryzen.bugs.fi>
Date: Sun, 19 Apr 2020 22:09:28 +0300
From: Henri Salo <henri@...v.fi>
To: Agostino Sarubbo <ago@...too.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: re2c: heap overflow in Scanner::fill (scanner.cc)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Sun, Apr 19, 2020 at 04:59:48PM +0200, Agostino Sarubbo wrote:
> Affected version:
> 1.3
>
> Fixed version:
> Will be 2.0
>
> Commit fix:
> https://github.com/skvadrik/re2c/commit/
> c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a
>
> Credit:
> This bug was discovered by Agostino Sarubbo.
>
> CVE:
> I don’t care anymore about a CVE. If you will obtain one about this issue, 
> feel free to reach me. I will update this as well.
>
> Note:
> This bug was found with American Fuzzy Lop.
> This bug was identified with bare metal servers donated by Packet. This work 
> is also supported by the Core Infrastructure Initiative.
>
> Permalink:
> http://blogs.gentoo.org/ago/2020/04/19/re2c-heap-overflow-in-scannerfill-scanner-cc/

Good job again ago! I created CVE request for you. I don't think that you
should stop fuzzing as mentioned in blog. Instead you should pick responsive
and important targets (e.g. re2c) and add a donation button to your web page,
thanks :)

- -- 
Henri Salo
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAl6coeUACgkQJ633pE6q
dXR+Sg//T9YuxN+Ef49RaPpChhWuZqsS6/gTimhdr6A5Obncl7LHqYj/IViHX23W
Ck+/wpLTNVt3vZGKB5607XkwoeJkfHgtKxdWcIMNSBevDpvKX4fJd01csD8FTqGR
6tmTmS6EgFRRevfGTut2mmwMkQDOTZ9EbedcxqanmCVZ6IDUVSlvdRrwtFXPcgHG
qTafrAyaYNbrbJLHPlnliTY+k7HdXPsT8j2Oe97+u/as3E8+B21xssUkerVRwQ6S
MPey0/7bMh7IV4x+u5NFbIwl7W6OlksDcemR41ZSiwlyd7SfMcU9kBHHdC1LVYgh
pyeWGys4CUjj/b7fYf5lJEYLdsGTEcYgtWpLisE2rd+2vyMkzx/NWYDgqHsMzK90
zHyNYVLq/qowu8h5V+tRW/VhgYl9m/U1zxFllhVYVOEu87+fdk0FfhT2AFq5HtX8
7+l3EnInfu4TUAMATerInYR6wsjOOj7vjNjbYbpStRC8IZavsGMlwneaNr1QkQtf
5gu+85yU8VmwYUrYftaGdsvbjUR6xz+LNkiF2Y72r0/kKDi29/oi3gekYYumcBB3
zaRXGsoliVV7eTeFF7N/HGeGheIkHaCGo1yB+GQ2BZt/723EBg10WRpZYbCaweQQ
LuTyN2OBwdCDyPF+T+E1oOF6CtkkHa6cYcdG9s6NZ7Ij9v2ky2w=
=N3U9
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.