[Bug 3382] New: Software vulnerabilities detected using ESBMC-WR tool
bugzilla-daemon at mindrot.org
Thu Jan 20 14:38:12 AEDT 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3382
Bug ID: 3382
Summary: Software vulnerabilities detected using ESBMC-WR tool
Product: Portable OpenSSH
Version: 8.8p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: janislley at gmail.com
Hello,
2 potential software vulnerabilities were found in the code.
To identify this kind of vulnerability I used the ESBMC-WR tool:
https://github.com/thalestas/esbmc-wr
Please check the logs of the analysis:
Issue #1
--------
State 2 file syserr.c line 4 function strerror thread 0
----------------------------------------------------
errnum = -2147483648 (10000000 00000000 00000000 00000000)
State 3 file syserr.c line 108 function strerror thread 0
----------------------------------------------------
Violated property:
file syserr.c line 108 function strerror
array bounds violated: array `sys_errlist' lower bound
(signed long int)errnum >= 0
Issue #2
--------
State 3 file utimensattest.c line 46 function fail thread 0
----------------------------------------------------
saved_errno = -2147483648 (10000000 00000000 00000000 00000000)
State 4 file syserr.c line 4 function strerror thread 0
----------------------------------------------------
errnum = -2147483648 (10000000 00000000 00000000 00000000)
State 5 file syserr.c line 108 function strerror thread 0
----------------------------------------------------
Violated property:
file syserr.c line 108 function strerror
array bounds violated: array `sys_errlist' lower bound
(signed long int)errnum >= 0
--
You are receiving this mail because:
You are watching the assignee of the bug.
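
The property in both counterexamples, `(signed long int)errnum >= 0`, is the lower-bound check on an index into an error-string table. The following added example is not part of the report and is not code from OpenSSH or ESBMC; it shows a lookup that checks only the upper bound next to one that checks both. The table `demo_errlist` and the function names are hypothetical.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a sys_errlist-style table (hypothetical data). */
static const char *const demo_errlist[] = {
    "Success",
    "Operation not permitted",
    "No such file or directory",
};
static const int demo_nerr =
    (int)(sizeof(demo_errlist) / sizeof(demo_errlist[0]));

/* Upper bound only: a negative errnum (e.g. INT_MIN, as in the traces)
 * passes the test and indexes before the start of the array. */
const char *lookup_upper_only(int errnum)
{
    if (errnum < demo_nerr)
        return demo_errlist[errnum];
    return "Unknown error";
}

/* Both bounds checked. Out-of-range values are formatted into the
 * caller's buffer instead of being used as an index. */
const char *lookup_checked(int errnum, char *buf, size_t buflen)
{
    if (errnum >= 0 && errnum < demo_nerr)
        return demo_errlist[errnum];
    snprintf(buf, buflen, "Unknown error %d", errnum);
    return buf;
}

int main(void)
{
    char buf[32];
    /* Constructed inputs: in range, one past the end, negative, INT_MIN. */
    int samples[] = { 2, 3, -1, INT_MIN };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%d -> %s\n", samples[i],
               lookup_checked(samples[i], buf, sizeof(buf)));
    return 0;
}
```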