[PATCH] awk: fix use after free (CVE-2023-42363)
Natanael Copa
ncopa at alpinelinux.org
Tue May 21 06:46:46 UTC 2024
On Tue, 21 May 2024 07:43:03 +0200
Natanael Copa <ncopa at alpinelinux.org> wrote:
> Hi again,
>
> On Mon, 20 May 2024 22:52:44 +0200
> Natanael Copa <ncopa at alpinelinux.org> wrote:
>
> > On Mon, 20 May 2024 17:55:28 +0200
> > Natanael Copa <ncopa at alpinelinux.org> wrote:
> >
> > > Fixes https://bugs.busybox.net/show_bug.cgi?id=15865
> >
> > I also found out that CVE-2023-42364 and CVE-2023-42365 are fixed with
> > commit 0256e00a9d07 (awk: fix precedence of = relative to ==).
>
> We discovered that this specific commit also breaks autotools test TAP output.
> https://www.gnu.org/software/automake/manual/html_node/Use-TAP-with-the-Automake-test-harness.html
>
> This was discovered when building https://lttng.org/files/lttng-ust/lttng-ust-2.13.8.tar.bz2
> run: ./configure && make -j$(nproc) && make AWK="/path/to/busybox awk" check
>
> Current git master awk is also broken.
A reproducer:
busybox awk 'BEGIN { a = 0 ? "yes": "no"; print a}'
Prints 0 instead of "no".
Looks like awk treats it as: (a = 0) ? "yes": "no"
-nc
More information about the busybox
mailing list