On Mon, Jun 15, 2015 at 08:41:15AM +0200, Peter Bex wrote: > Hello CHICKEN users, > > Using gcc's Address Sanitizer, it was discovered that the string-translate* > procedure from the data-structures unit can scan beyond the input string's > length up to the length of the source strings in the map that's passed to > string-translate*. This issue was fixed in master 8a46020, and it will > make its way into CHICKEN 4.10. > > This bug is present in all released versions of CHICKEN. > > There is no known workaround, except applying the patch posted in the > following chicken-hackers thread: > http://lists.nongnu.org/archive/html/chicken-hackers/2015-06/msg00037.html
This bug has been assigned CVE-2015-4556. Kind regards, The CHICKEN Team
signature.asc
Description: Digital signature
_______________________________________________ Chicken-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/chicken-users
