GHSA-PFR9-2P92-QRHQ Databento Binary Encoding (DBN) has a heap buffer overflow using c_chars_to_str function

The heap-buffer-overflow is triggered in the strlen function when handling the ccharstostr function in the dbn crate. This vulnerability occurs because the CStr::fromptr function in Rust assumes that the provided C string is null-terminated. However, there is no guarantee that the input chars arr...

Databento Binary Encoding (DBN) has a heap buffer overflow using c_chars_to_str function

The heap-buffer-overflow is triggered in the strlen function when handling the ccharstostr function in the dbn crate. This vulnerability occurs because the CStr::fromptr function in Rust assumes that the provided C string is null-terminated. However, there is no guarantee that the input chars arr...

RUSTSEC-2024-0377 Heap Buffer overflow using c_chars_to_str function

The heap-buffer-overflow is triggered in the strlen function when handling the ccharstostr function in the dbn crate. This vulnerability occurs because the CStr::fromptr function in Rust assumes that the provided C string is null-terminated. However, there is no guarantee that the input chars arr...

CVE-2020-23259

An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the JsiStrlen function in the src/jsiChar.c file...

CVE-2018-5710

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the Key Distribution Center KDC, which allows remote authenticated users to cause a denial of servi...

CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...