When memory is released and reallocated, a random security value called a canary is written to the before/after area of memory, and if the value has been modified, the process is terminated (restarted) for safety, assuming it is a buffer overflow of the memory area. This feature may effectively prevent confidentiality or integrity violations in the event that some heap area overflow vulnerability is discovered in this system in the future.
Our own implementation works fine, however we should use OpenSSL's one since we already link to the library.
Base64Decode() and Base64Encode() return the required buffer size when "dst" is NULL.
This allows to efficiently allocate a buffer, without wasting memory or risking an overflow.
Base64FromBin() and Base64ToBin() perform all steps, returning a heap-allocated buffer with the data in it.
[src/Mayaqua/Memory.c:2605]: (style) The function 'ClearFifo' is never used.
[src/Mayaqua/Memory.c:1380]: (style) The function 'CloneList' is never used.
[src/Mayaqua/Memory.c:4267]: (style) The function 'CloneTail' is never used.
[src/Mayaqua/Memory.c:1972]: (style) The function 'DelAllInt' is never used.
[src/Mayaqua/Memory.c:2068]: (style) The function 'DelInt64' is never used.
[src/Mayaqua/Memory.c:1789]: (style) The function 'DeleteKey' is never used.
[src/Mayaqua/Memory.c:2934]: (style) The function 'DumpData' is never used.
[src/Mayaqua/Memory.c:835]: (style) The function 'FillBytes' is never used.
[src/Mayaqua/Memory.c:2759]: (style) The function 'GetFifoCurrentReallocMemSize' is never used.
[src/Mayaqua/Memory.c:1475]: (style) The function 'InsertDistinct' is never used.
[src/Mayaqua/Memory.c:2274]: (style) The function 'InsertInt64Distinct' is never used.
[src/Mayaqua/Memory.c:1612]: (style) The function 'IsInListUniStr' is never used.
[src/Mayaqua/Memory.c:2647]: (style) The function 'LockFifo' is never used.
[src/Mayaqua/Memory.c:1120]: (style) The function 'PeekQueue' is never used.
[src/Mayaqua/Memory.c:2158]: (style) The function 'RandomizeList' is never used.
[src/Mayaqua/Memory.c:1364]: (style) The function 'SetCmp' is never used.
[src/Mayaqua/Memory.c:1570]: (style) The function 'SetSortFlag' is never used.
[src/Mayaqua/Memory.c:1596]: (style) The function 'SortEx' is never used.
[src/Mayaqua/Memory.c:3718]: (style) The function 'Swap' is never used.
[src/Mayaqua/Memory.c:2659]: (style) The function 'UnlockFifo' is never used.
[src/Mayaqua/Memory.c:2532]: (style) The function 'WriteFifoFront' is never used.
[src/Mayaqua/Memory.c:1981]: (style) The function 'InsertInt64' is never used.
[src/Mayaqua/Memory.c:2317]: (style) The function 'PadFifoFront' is never used.
[src/Mayaqua/Memory.c:2155]: (style) The function 'PeekFifo' is never used.
Buffer overread in ParseL2TPPacket()
Memory corruption in IcmpParseResult
Missing bounds check in ParseUDP() can lead to invalid memory access
Out-of-bounds read in IPsec_PPP.c (unterminated string buffer)
Overlapping parameters to memcpy() via StrToIp6()
PACK ReadValue() crash vulnerability
Potential use of uninitialized memory via IPToInAddr6()
4 memory leaks. While the amount of leakage is very small per time, these bugs can finally cause process crash by out of memory. So these bugs must be fixed.
Memory leak in NnReadDnsRecord
Memory leak in RadiusLogin()
Memory leak via ParsePacketIPv4WithDummyMacHeader
Remote memory leak in OpenVPN server code
1 coding improvement. This is not a bug, however, I fixed the code to avoid furture misunderstanding.
RecvAll can return success on failure (leading to use of uninitialized memory)
Contributors for this bugfix:
- Max Planck Institute for Molecular Genetics
- Guido Vranken
Daiyuu Nobori
Davide Beatrici
Daiyuu Nobori
Davide Beatrici
Ilya Shipitsin
Josh Soref
Daiyuu Nobori