5 matches found
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
A vulnerability in the ungetbyte and ungetc methods of StringIO, the string-handling utility in the Ruby programming language, allows attackers to compromise the confidentiality of protected information.
The vulnerability in the ungetbyte and ungetc methods of StringIO, the string-handling utility in the Ruby programming language, is caused by a memory read outside the bounds of the buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the...
PT-2024-2478
Name of the Vulnerable Software and Affected Versions:
Ruby StringIO versions 3.0.1 through 3.0.6
Ruby StringIO versions 3.1.x through 3.1.4
Description: A buffer-overread issue was discovered in StringIO, where the ungetbyte and ungetc methods can read past the end of a string, and a subsequent...
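As an added example (not code from this page or from the stringio project), the following Ruby script turns the two facts the entries above give, the affected version ranges quoted in PT-2024-2478 and the ungetbyte/ungetc-then-gets sequence the advisory names, into a local check. The version ranges are copied from the entry above and are not verified here against the upstream advisory. The probe's seek-beyond-the-end sequence is an assumption about how to reach the code path in question, since the page gives no reproduction steps, and the function names are the example's own.

```ruby
require "stringio"
require "rubygems"

# Version ranges as quoted in the PT-2024-2478 entry above
# (3.0.1 through 3.0.6 and 3.1.x through 3.1.4). They are taken
# from this page, not verified against the upstream advisory.
AFFECTED_STRINGIO_RANGES = [
  [Gem::Version.new("3.0.1"), Gem::Version.new("3.0.6")],
  [Gem::Version.new("3.1.0"), Gem::Version.new("3.1.4")],
].freeze

# true if the given stringio version string falls inside one of the
# ranges listed above (a patch-level release above an upper bound,
# e.g. "3.0.6.1", compares greater and falls outside).
def affected_stringio_version?(version_string)
  v = Gem::Version.new(version_string)
  AFFECTED_STRINGIO_RANGES.any? { |lo, hi| v >= lo && v <= hi }
end

# The stringio version loaded into this interpreter, or nil when
# neither the VERSION constant nor a loaded gemspec is available.
def loaded_stringio_version
  return StringIO::VERSION if defined?(StringIO::VERSION)
  spec = Gem.loaded_specs["stringio"]
  spec && spec.version.to_s
end

# Exercise the ungetbyte-past-the-end code path the advisory names and
# report what gets returns. The sequence (seek beyond the end of the
# backing string, push bytes back, read a line) is an assumption about
# how to reach that path; the page gives no reproduction steps.
# Every byte that comes back must be one the program itself supplied
# (the initial string or the pushed-back bytes) or a NUL pad byte;
# anything else is memory the program never wrote, which is the
# symptom the advisory describes.
def probe_ungetbyte_past_end(initial, seek_to, pushback)
  io = StringIO.new(initial.dup)   # dup: writeable copy, caller's string untouched
  io.seek(seek_to)                 # position beyond the end of the data
  io.ungetbyte(pushback)           # push bytes back from that position
  line = io.gets                   # read from the new position to end of line/data
  allowed = (initial.b.bytes + pushback.b.bytes + [0]).uniq
  leaked = io.string.b.bytes.reject { |b| allowed.include?(b) }
  {
    line: line && line.b,          # what gets returned (raw bytes)
    backing: io.string.b,          # the whole backing string afterwards
    clean: leaked.empty?,          # false if unexplained bytes appeared
  }
end

if __FILE__ == $PROGRAM_NAME
  v = loaded_stringio_version
  state = v && affected_stringio_version?(v) ? "in a listed affected range" : "outside the listed ranges"
  puts "stringio #{v || 'unknown'}: #{state}"
  # Two constructed inputs: pushback shorter than the position, and
  # pushback longer than the position (different branches of the same path).
  [["abc", 8, "xy"], ["", 2, "abc"]].each do |initial, pos, pb|
    r = probe_ungetbyte_past_end(initial, pos, pb)
    puts "seek(#{pos}) + ungetbyte(#{pb.inspect}) on #{initial.inspect}: " \
         "gets=#{r[:line].inspect} backing=#{r[:backing].inspect} clean=#{r[:clean]}"
  end
end
```

Run it with the interpreter under test. A probe result with clean=false means gets (or the backing string) contains bytes the program never wrote; on a current stringio the gap between the old end of the string and the push-back position is NUL-filled and only the pushed-back bytes come back from gets. Confirm the version boundaries against the upstream stringio advisory before relying on the version gate alone.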
Ruby: StringIO strio_getline() can divulge arbitrary memory
originally sent by e-mail on 4 Jun 2016. The problem is this line in ext/stringio/stringio.c, strio_getline: c 1002 if limit 0 && s + limit pos = n = RSTRING_LEN(ptr->string) 997 return Qnil; 998 a wrong 'len' parameter to this function doesn't matter as it will correct it itself: c 98 static VALUE 99...