Vulnerable C++ Code snippet
Closed this issue · 3 comments
Hi,
We are analyzing vulnerable C++ code snippets migrated from StackOverflow too Github. We noted a vulnerable code snippet in your repository that was most likely copied from Stack Overflow. The vulnerability exists in file
Here is a summary of the vulnerable code snippet:
Description:
If current_index or current_index + sizeof(T) get larger than size of vec, information leakage can occur.
static T get_from_vector(const std::vector<uint8_t>& vec, const size_t current_index){
example:
int main(){
std::vector<uint8_t> vec {0x01, 0x05};
auto byte1 = get_from_vector<uint8_t>(vec, 10);
auto byte2 = get_from_vector<uint16_t>(vec, 20);
auto byte4 = get_from_vector<uint32_t>(vec, 50);
auto byte8 = get_from_vector<uint64_t>(vec, 32);
printf("%x - %x -%x -%x",byte1,byte2,byte4,byte8);
}
output it's being like this:
0 - 0 -0 -382d3531
Mitigation:
Validate size of current_index + sizeof(T) to always be in the boundary of vec.
Please verify our report here with regards to the above vulnerability to assist you.
Link to survey (should not take more than 5 minutes).
Sincerely yours,
Morteza …, university info
Jafar, .. university info
Ashkan Sami, university, website
Foutse Khomh, Polytechnique Montreal, website: http://www.khomh.net/
Gias Uddin, Polytechnique Montreal, website: https://giasuddin.github.io
...
Hi,
We are analyzing vulnerable C++ code snippets migrated from StackOverflow too Github. We noted a vulnerable code snippet in your repository that was most likely copied from Stack Overflow. The vulnerability exists in file
Here is a summary of the vulnerable code snippet:
Description:
If current_index or current_index + sizeof(T) get larger than size of vec, information leakage can occur.
static T get_from_vector(const std::vector<uint8_t>& vec, const size_t current_index){
example:
int main(){
std::vector<uint8_t> vec {0x01, 0x05};
auto byte1 = get_from_vector<uint8_t>(vec, 10);
auto byte2 = get_from_vector<uint16_t>(vec, 20);
auto byte4 = get_from_vector<uint32_t>(vec, 50);
auto byte8 = get_from_vector<uint64_t>(vec, 32);
printf("%x - %x -%x -%x",byte1,byte2,byte4,byte8);
}
output it's being like this:
0 - 0 -0 -382d3531
Mitigation:
Validate size of current_index + sizeof(T) to always be in the boundary of vec.
Please verify our report here with regards to the above vulnerability to assist you.
Link to survey (should not take more than 5 minutes).
Sincerely yours,
Morteza …, university info
Jafar, .. university info
Ashkan Sami, university, website
Foutse Khomh, Polytechnique Montreal, website: http://www.khomh.net/
Gias Uddin, Polytechnique Montreal, website: https://giasuddin.github.io
...
Hi, Oscar Asterkrans
We are analyzing vulnerable C++ code snippets migrated from StackOverflow too Github. We noted a vulnerable code snippet in your repository that was most likely copied from Stack Overflow. The vulnerability exists in file
Here is a summary of the vulnerable code snippet:
Description:
If current_index or current_index + sizeof(T) get larger than size of vec, information leakage can occur.
static T get_from_vector(const std::vector<uint8_t>& vec, const size_t current_index){
example:
int main(){
std::vector<uint8_t> vec {0x01, 0x05};
auto byte1 = get_from_vector<uint8_t>(vec, 10);
auto byte2 = get_from_vector<uint16_t>(vec, 20);
auto byte4 = get_from_vector<uint32_t>(vec, 50);
auto byte8 = get_from_vector<uint64_t>(vec, 32);
printf("%x - %x -%x -%x",byte1,byte2,byte4,byte8);
}
output it's being like this:
0 - 0 -0 -382d3531
Mitigation:
Validate size of current_index + sizeof(T) to always be in the boundary of vec.
Please verify our report here with regards to the above vulnerability to assist you.
Link to report with four questions for you related to the vulnerability (should not take more than 5 minutes to answer).
Sincerely yours,
Morteza …, university info
Jafar, .. university info
Ashkan Sami, university, website
Foutse Khomh, Polytechnique Montreal, website: http://www.khomh.net/
Gias Uddin, Polytechnique Montreal, website: https://giasuddin.github.io
...
Dear Oscar Asterkrans,
We are a group of Academic researchers. We are analyzing vulnerable C++ code snippets migrated from StackOverflow to GitHub. Our research will be published in Academic publications and will not be used in any Industrial application.
We noted a vulnerable code snippet in your repository that was most likely copied from Stack Overflow. The vulnerability exists in this source code file of your repository.
Please verify our report here with regards to the above vulnerability to assist you.
Link to report with four questions for you related to the vulnerability (should not take more than 5 minutes to answer).
Here is a summary of the vulnerable code snippet:
Description:
If current_index or current_index + sizeof(T) get larger than size of vec, information leakage can occur.
static T get_from_vector(const std::vector<uint8_t>& vec, const size_t current_index){
example:
int main(){
std::vector<uint8_t> vec {0x01, 0x05};
auto byte1 = get_from_vector<uint8_t>(vec, 10);
auto byte2 = get_from_vector<uint16_t>(vec, 20);
auto byte4 = get_from_vector<uint32_t>(vec, 50);
auto byte8 = get_from_vector<uint64_t>(vec, 32);
printf("%x - %x -%x -%x",byte1,byte2,byte4,byte8);
}
output it's being like this:
0 - 0 -0 -382d3531
Mitigation:
Validate size of current_index + sizeof(T) to always be in the boundary of vec.
Please verify our report here with regards to the above vulnerability to assist you.
Link to report with four questions for you related to the vulnerability (should not take more than 5 minutes to answer).
Sincerely yours,
Morteza Verdi, Shiraz university, E-mail: m.verdi@shirazu.ac.ir
Jafar Akhondali, Shiraz university, E-mail: jafar.akhondali@yahoo.com
Ashkan Sami, Shiraz university, E-mail: ashkan.sami@gmail.com
Foutse Khomh, Polytechnique Montreal, website: http://www.khomh.net/
Gias Uddin, Polytechnique Montreal, website: https://giasuddin.github.io
Alireza Karami motlagh, Shahid Chamran University, E-mail: alireza.karami.m@gmail.com