oss-sec mailing list archives
Re: CVE-2025-3512: Qt Base QTextMarkdownImporter Front Matter Buffer Overflow
From: Jacob Bachmeyer <jcb62281 () gmail com>
Date: Thu, 24 Apr 2025 23:47:30 -0500
On 4/24/25 19:08, Solar Designer wrote:
> On Thu, Apr 24, 2025 at 09:06:26PM +0200, Jakub Wilk wrote:
>> * Solar Designer <solar () openwall com>, 2025-04-24 20:32:
>>> There appears to be a growing trend towards calling OOB reads "buffer overflows".
>>
>> Part of the problem may be that AddressSanitizer uses this unfortunate terminology; you get something like this:
>>
>> ==7802==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xf5f00021 at pc 0xf79c113e bp 0xfff496e8 sp 0xfff492c4
>> READ of size 2 at 0xf5f00021 thread T0
>
> Yes, this may very well be the main cause of this trend. Is someone reading this in a position to change the wording in AddressSanitizer? For example, it could have "stack out-of-bounds read" in place of "stack-buffer-overflow" above.
On a guess that the same message fragment is used for both reads and writes, how about "stack-bound-violation" instead of "stack-buffer-overflow"? It is even the same length.
-- Jacob
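The following is an added reproducer, not code from this thread, from Qt or from the AddressSanitizer project. It gives a practitioner a way to check the guess above: it performs a 2-byte stack read that spills one byte past a 32-byte buffer (the shape of the quoted "READ of size 2" report) and, separately, an equivalent 2-byte write, so the two ASan report headers can be compared side by side. The buffer size, offsets and function names are assumptions chosen for illustration. Build with `cc -O1 -g -fsanitize=address oob.c -o oob` and run `./oob read` or `./oob write`; with no argument only the bounds-checked paths run.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (not from the thread or from Qt/ASan). A 32-byte stack
 * buffer is accessed at a caller-chosen offset through a single 2-byte
 * memcpy so that ASan sees one access of size 2, as in the quoted
 * report. Offsets 0..30 are in bounds; 31 starts on the last valid
 * byte and spills one byte past the end. The size is an assumption. */
#define BUF_LEN 32

/* Returns the sum of the two bytes at `off` (endian-independent), or -1
 * when `checked` is non-zero and the access would leave the buffer.
 * With checked == 0 the read is performed regardless: that is the
 * out-of-bounds READ path for ASan to report. */
int stack_read16(size_t off, int checked)
{
    uint8_t buf[BUF_LEN];
    for (size_t i = 0; i < BUF_LEN; i++)
        buf[i] = (uint8_t)i;

    if (checked && off > BUF_LEN - 2)
        return -1;

    uint16_t v;
    memcpy(&v, buf + off, sizeof v);   /* one READ of size 2 */

    uint8_t b[2];
    memcpy(b, &v, sizeof b);
    return b[0] + b[1];
}

/* Writes two bytes at `off` and returns the number written (2), or -1
 * when `checked` is non-zero and the write would leave the buffer.
 * With checked == 0 this is the out-of-bounds WRITE path. */
int stack_write16(size_t off, int checked)
{
    uint8_t buf[BUF_LEN] = {0};

    if (checked && off > BUF_LEN - 2)
        return -1;

    uint16_t v = 0x4141;
    memcpy(buf + off, &v, sizeof v);   /* one WRITE of size 2 */

    /* Read the value back so the store cannot be dropped as dead. */
    return buf[off] == 0x41 ? (int)sizeof v : 0;
}

int main(int argc, char **argv)
{
    /* "read" / "write" select the unchecked, out-of-bounds path at
     * offset 31 (last valid byte plus one past the end). Compile with
     * -fsanitize=address to get the report; the exit code is irrelevant. */
    if (argc > 1 && strcmp(argv[1], "read") == 0)
        return stack_read16(BUF_LEN - 1, 0) & 1;
    if (argc > 1 && strcmp(argv[1], "write") == 0)
        return stack_write16(BUF_LEN - 1, 0) & 1;

    printf("checked read  at 30 -> %d, at 31 -> %d\n",
           stack_read16(30, 1), stack_read16(31, 1));
    printf("checked write at 30 -> %d, at 31 -> %d\n",
           stack_write16(30, 1), stack_write16(31, 1));
    return 0;
}
```

The checked variants show what a correct bound looks like for a 2-byte access: the last legal start offset is `BUF_LEN - 2`, which is the off-by-one that an unchecked `off < BUF_LEN` test would miss. Whether the write report uses the same "stack-buffer-overflow" wording as the read report is exactly what running both modes under ASan tells you; the thread only shows the read case.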