Impact
A crafted markdown document can trigger an out-of-bounds read in the validate_protocol
function, at autolink.c:277 and autolink.c:282.
We believe this bug is harmless in practice, because the out-of-bounds read accesses malloc
metadata without causing any visible damage.
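The following is an added sketch, not cmark-gfm's code, of a backward-looking protocol check that refuses to read before the start of its buffer. The function name, its signature and the sample inputs are assumptions, as is the premise that the read described above is of this backward-looking kind.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static bool is_alnum(uint8_t c) {
  return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') ||
         (c >= 'A' && c <= 'Z');
}

/* Hypothetical helper (not the library's function): true when the bytes that
 * end `rewind` bytes before data[pos] spell `protocol` and are not preceded
 * by an alphanumeric byte. `data` points at the first byte of the buffer and
 * `pos` is the cursor offset, so exactly `pos` bytes exist behind the cursor. */
static bool protocol_precedes(const char *protocol, const uint8_t *data,
                              size_t pos, size_t rewind) {
  size_t len = strlen(protocol);

  /* Bounds check: the match needs rewind + len bytes behind the cursor.
   * Without it, a short prefix makes the comparison index before data[0],
   * which on a heap buffer means reading allocator bookkeeping. */
  if (rewind > pos || len > pos - rewind)
    return false;

  size_t start = pos - rewind - len; /* first byte of the candidate match */
  if (memcmp(data + start, protocol, len) != 0)
    return false;

  /* Inspect the preceding byte only when one exists inside the buffer. */
  return start == 0 || !is_alnum(data[start - 1]);
}

int main(void) {
  /* Constructed inputs; pos is the offset of the ':' in each string. */
  const char *cases[] = {"see mailto:a@b", "xmailto:a@b", "mailto:a@b",
                         "to:a@b"};
  for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
    size_t pos = (size_t)(strchr(cases[i], ':') - cases[i]);
    printf("%-16s -> %d\n", cases[i],
           protocol_precedes("mailto", (const uint8_t *)cases[i], pos, 0));
  }
  return 0;
}
```

The last constructed input, "to:a@b", is the case the bounds check exists for: the cursor sits two bytes into the buffer while the protocol is six bytes long.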
Proof-of-concept
The out-of-bounds access can be triggered like this:
Patches
This vulnerability has been patched in 0.29.0.gfm.7.
For more information
If you have any questions or comments about this advisory: