heap-buffer-overflow in mdp #165
Comments
Hey @Frank-Z7, thanks for reporting this. Shouldn't this cause a crash? I can't produce one when I follow your steps without afl on

Hi @visit1985, thank you for your attention. The vulnerability is not related to the use of afl, which comes with the ASAN (AddressSanitizer) tool to check for memory errors. AddressSanitizer (https://github.com/google/sanitizers) is Google's famous memory testing tool; it can print out a report displaying memory problems, and has been integrated in the GCC and LLVM compilers, etc. To make it easier for you to reproduce the problem, I changed the Makefile in the mdp folder and the mdp/src folder. I used the gcc compiler and added the -fsanitize=address flag to enable ASAN. The modified compressed package is as follows. You can directly run the "./mdp -e -i -x poc1" command to rectify the problem.
heap-buffer-overflow in mdp
Hi. I found a heap-buffer-overflow bug in mdp.
Please confirm.
Thanks for your time!
Version
ASAN Log
./mdp -e -i -x poc1mdp
Reproduction
Steps to reproduce:
1. Download the poc1mdp file.
2. Compile the source code with ASan. (My approach is to install AFLplusplus and add the following two lines to the Makefile:
   CC=afl-clang-fast
   CXX=afl-clang-fast++
   then: AFL_USE_ASAN=1 make)
3. Execute the following command: ./mdp -e -i -x poc1mdp
PoC
poc1mdp: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/poc1mdp
Impact
This vulnerability is capable of causing crashes, or possible DOS.
Reference
https://github.com/visit1985/mdp
Environment