Expected Behavior
memory is not supposed to get corrupted by the library that opens files case-insensitively
Actual Behavior
memory gets corrupted by the library that opens files case-insensitively
Steps to Reproduce
Hi!
Whilst trying to open a file case-insensitively, I came across a codebase that seemed to do the job. But clang's address sanitizer was having none of it! It turns out that there is an off-by-one error in the buffer size allocation of fcaseopen, causing a null terminator to be strcpy'd into unmanaged memory. I reported the problem to the original project, but I decided I'd also let everyone I could find who still had the vulnerability floating around copies of it know as well.
You can find more information about it here: https://github.com/OneSadCookie/fcaseopen/issues/2
Thanks, Aaron.
Screenshots
No response
Log File
No response
Decompilation Version
all of them
Game
Sonic 1
Game Version
Mobile (Sega Forever)
Game Revision
No response
Platform
N/A
Additional Comments
To make it super clear: I haven't run this decompilation. I just found a vulnerability in a library that people would never even think to keep up to date, so I figured it would be a good service to people to let them know about it.
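
The bug class reported above, as an added example that is not part of the original report and is not fcaseopen's code: a path builder that computes its buffer size in one place and refuses to write when the allocation is one byte short, rather than letting the terminator land past the end. The names `join_path`, `join_path_size` and `append_checked`, and the sample path, are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Bytes needed for "dir/name": both strings, the separator, and the '\0'.
   Forgetting any one of these terms is the off-by-one described above. */
size_t join_path_size(const char *dir, const char *name)
{
    return strlen(dir) + 1 + strlen(name) + 1;
}

/* Append src (with its terminator) at dst[*len] only if it fits in cap bytes.
   Invariant: *len < cap, so cap - *len never underflows. */
static int append_checked(char *dst, size_t cap, size_t *len, const char *src)
{
    size_t n = strlen(src);
    if (n >= cap - *len)            /* n bytes plus '\0' must fit */
        return -1;
    memcpy(dst + *len, src, n + 1);
    *len += n;
    return 0;
}

/* Hypothetical helper: build "dir/name" in dst. Returns 0, or -1 if cap is
   too small, instead of letting the terminator land past the buffer. */
int join_path(char *dst, size_t cap, const char *dir, const char *name)
{
    size_t len = 0;
    if (cap == 0)
        return -1;
    dst[0] = '\0';
    if (append_checked(dst, cap, &len, dir) ||
        append_checked(dst, cap, &len, "/") ||
        append_checked(dst, cap, &len, name))
        return -1;
    return 0;
}

int main(void)
{
    char buf[32];
    size_t need = join_path_size("data", "Level.bin");   /* constructed input */
    printf("one byte short: %d\n", join_path(buf, need - 1, "data", "Level.bin"));
    printf("exact size:     %d (%s)\n", join_path(buf, need, "data", "Level.bin"), buf);
    return 0;
}
```

Building vendored copies of such code with `-fsanitize=address`, as the report did, catches the unchecked variant at the first out-of-bounds write.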