This could result in denial of service or possibly the execution of arbitrary code.
Bug details: PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall. This could result in denial of service or possibly the execution of arbitrary code.
CVE References: CVE-2019-10391, CVE-2019-10392, CVE-2019-10393, CVE-2019-10394, CVE-2019-10395, CVE-2019-10396, CVE-2019-10397, CVE-2019-10398, CVE-2019-10399, CVE-2019-10400, CVE-2019-10401, CVE-2019-10402, CVE-2019-10403, CVE-2019-10404, CVE-2019-10405, CVE-2019-10406, CVE-2019-10407, CVE-2019-10408, CVE-2019-10409, CVE-2019-10410, CVE-2019-10411, CVE-2019-10412, CVE-2019-10413, CVE-2019-10414,
discovered with PicoC Version 3.2.2.
This could result in denial of service or possibly the execution of arbitrary code.
PicoC Version 3.2.2 was discovered to contain a NULL pointer dereference in
PicoC Version 3.2.3 is released
PicoC Version 3.2.3 is released in response to a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall. This could result in denial of service or possibly the execution of arbitrary code.
PicoC Version 3.2.2 - Denial of Service
This could result in denial of service or possibly the execution of arbitrary code.
Timeline
Published on: 11/08/2022 15:15:00 UTC
Last modified on: 11/08/2022 21:56:00 UTC