oss-sec mailing list archives
Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow
From: Solar Designer <solar () openwall com>
Date: Fri, 25 Apr 2025 02:08:31 +0200
On Thu, Apr 24, 2025 at 09:06:26PM +0200, Jakub Wilk wrote:
* Solar Designer <solar () openwall com>, 2025-04-24 20:32:There appears to be a growing trend towards calling OOB reads "buffer overflows".Part of the problem may be that AddressSanitizer uses this unforuntate terminology; you get something like this: ==7802==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xf5f00021 at pc 0xf79c113e bp 0xfff496e8 sp 0xfff492c4 READ of size 2 at 0xf5f00021 thread T0
Yes, this may very well be the main cause of this trend. Is someone reading this in a position to change the wording in AddressSanitizer? For example, it could have "stack out-of-bounds read" in place of "stack-buffer-overflow" above. Alexander
Current thread:
- CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow 田世林 (Apr 24)
- Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow Solar Designer (Apr 24)
- Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow Jakub Wilk (Apr 24)
- Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow Solar Designer (Apr 24)
- Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow Jacob Bachmeyer (Apr 25)
- Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow Jakub Wilk (Apr 24)
- Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow Solar Designer (Apr 24)