Issue 55: SRPC Marshalling Integer Overflow Vulnerability
Status:  Fixed
Owner:  sehr+leg...@google.com
Closed:  Apr 2009
Security-Contest
Type-Defect
Reported by mark.dowd, Mar 12, 2009
Team: Beached As

The SRPC marshalling functionality contains potential integer overflows
when the MarshallInput() function deals with arrays (similarly, the
MarshallOutput function is also affected). This vulnerability relies on the
new operator being vulnerable to internal integer overflows, which is the
case for Linux builds, but not Windows. (In Windows, an exception is thrown
instead.) Mac is untested.
Attachment: srpclamecrash.zip (196 KB)
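
The overflow class described in the report, shown as an added example that is not part of the original report and is not Native Client's code. It models a 32-bit size type; the function names, the sample count and the "bytes remaining" check are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Models a 32-bit size_t, where count * elem_size can wrap around. */
typedef uint32_t size32_t;

/* Unchecked: the byte size an allocator is asked for when the
   multiplication is done without an overflow check. */
size32_t unchecked_array_bytes(uint32_t count, size32_t elem_size) {
    return (size32_t)(count * elem_size); /* wraps modulo 2^32 */
}

/* Checked: returns false when count * elem_size does not fit. */
bool checked_array_bytes(uint32_t count, size32_t elem_size, size32_t *out) {
    if (elem_size != 0 && count > UINT32_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* Hypothetical receive-side check: the declared element count must fit
   the size type and must not exceed the payload bytes still unread. */
bool array_length_ok(uint32_t count, size32_t elem_size,
                     size32_t bytes_remaining) {
    size32_t need;
    if (!checked_array_bytes(count, elem_size, &need))
        return false;
    return need <= bytes_remaining;
}

int main(void) {
    uint32_t count = 0x40000001u; /* constructed sample value */
    size32_t need;
    printf("unchecked size: %u bytes\n",
           (unsigned)unchecked_array_bytes(count, 4));
    printf("checked multiply accepted: %d\n",
           (int)checked_array_bytes(count, 4, &need));
    printf("16 ints in a 64-byte payload accepted: %d\n",
           (int)array_length_ok(16, 4, 64));
    return 0;
}
```

With the unchecked multiply the requested buffer is far smaller than the element count implies, so any later loop over `count` elements runs past the allocation; the checked form rejects the message before allocating.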
Comment 1 by mark.dowd, Mar 12, 2009
This ZIP file doesn't have the readme. I have attached a new one with all the
information.
Attachment: srpclamecrash.zip (191 KB)
Comment 2 by nativeclient.admin, Mar 12, 2009
Verified as an issue
Status: Accepted
Owner: s...@google.com
Labels: Type-Defect
Comment 3 by nativeclient.admin, Apr 10, 2009
Fix was released in build 57.
Status: Fixed