Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-26243 PoC — Nanopb 缓冲区错误漏洞

Source
https://github.com/HimanshuS67/external_nanopb-c_AOSP10_CVE-2020-26243
Associated Vulnerability
Title:Nanopb 缓冲区错误漏洞 (CVE-2020-26243)
Description:Nanopb是Nanopb个人开发者的一个适用于微处理器的协议缓冲区实现。 Nanopb 0.4.4版本和0.3.9.7之前版本存在缓冲区错误漏洞,该漏洞源于如果启用了动态分配,且其中一个字段包含包含动态字段的静态子消息,且被解码的消息多次包含该子消息,则特定格式的解码消息可能会泄漏内存。
File Snapshot

 [4.0K]  /data/pocs/d907216af259f27248159189154402133b44eb60
└── [ 46K]  pb_decode.c

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.