Security Vulnerability - Action Required: NULL Pointer Dereference may exist in your project #532

Closed
Crispy-fried-chicken opened this issue Nov 21, 2024 · 9 comments
Labels: bug, priority-high, security

@Crispy-fried-chicken

Hi,
we have detected that your project may be vulnerable to a NULL pointer dereference in the function file_basename in the file htmldoc/file.c. It shares similarities with a recent CVE disclosure, CVE-2021-23180, in htmldoc.

The source vulnerability information is as follows:

Vulnerability Detail:
CVE Identifier: CVE-2021-23180
Description: A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(), in file.c may lead to execute arbitrary code and denial of service.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-23180
Patch: 19c582f

Would you help to check if this bug is true? If it's true, I'd like to open a PR for that if necessary. Thank you for your effort and patience!

@michaelrsweet michaelrsweet self-assigned this Nov 21, 2024
@michaelrsweet michaelrsweet added investigating Investigating the issue bug Something isn't working security Security issue priority-high and removed investigating Investigating the issue labels Nov 21, 2024
@michaelrsweet michaelrsweet added this to the Stable milestone Nov 21, 2024
@michaelrsweet
Owner

Looks like the same issue could happen here...

@michaelrsweet
Owner

[master 6fb16b8] Update file_basename implementation to handle really long filenames (Issue #532)

@Crispy-fried-chicken
Author

@michaelrsweet is there any need to request a CVEID because of the high priority here?

@michaelrsweet
Owner

I really don’t think so. We really didn’t need one for the other bug, and it isn’t like you could do anything besides crash the program.

@Crispy-fried-chicken
Author

But crashing the program itself is a consequence, so don’t we need to inform users by applying for CVEID?

@michaelrsweet
Owner

Crash != CVE

@Crispy-fried-chicken
Author

Hey @michaelrsweet, thank you for your reply about this issue, which was detected by our tools. Now I really want to know your thoughts about our tool. When you have a chance, could you please take a look at our tool? Specifically, we're interested in understanding:

  1. Do you feel the detection results from our tool help enhance the security of your project?
  2. Would you be willing to let us regularly scan your project in the future to identify potential vulnerabilities?
  3. Our tool works by collecting patches from existing publicly disclosed vulnerabilities in real time and scanning target projects for the presence of identical code or similar logic. Do you have any suggestions for improving this vulnerability detection approach?

Please feel free to tell me your thoughts; it's really important for us to improve our tool. Thank you!

@michaelrsweet
Owner

@Crispy-fried-chicken you didn’t provide a link, so how can I possibly say. Having a bug report was useful, but I wouldn’t want a tool that auto-reports issues without human screening.

@Crispy-fried-chicken
Author

@michaelrsweet Thank you for your response, we will scan your project regularly and send the issues after human checking.
