oss-sec mailing list archives
Use after free in my_login() function of DBD::mysql (Perl module)
From: Hanno Böck <hanno () hboeck de>
Date: Mon, 25 Jul 2016 13:34:17 -0400
https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.html DBD::mysql versions 4.033 and earlier have a use after free bug in the my_login() function. DBD::mysql is a Perl module providing bindings to the mysql database. The issue was fixed in version 4.034. This issue was discovered with Address Sanitizer. https://github.com/perl5-dbi/DBD-mysql/pull/45 Pull request / patch -- Hanno Böck https://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
_bin
Description: OpenPGP digital signature
Current thread:
- Use after free in my_login() function of DBD::mysql (Perl module) Hanno Böck (Jul 25)
- Re: Use after free in my_login() function of DBD::mysql (Perl module) cve-assign (Jul 26)
- Re: Re: Use after free in my_login() function of DBD::mysql (Perl module) lazytyped (Jul 28)
- Re: Re: Use after free in my_login() function of DBD::mysql (Perl module) Hanno Böck (Jul 29)
- Re: Re: Use after free in my_login() function of DBD::mysql (Perl module) lazytyped (Jul 29)
- Re: Re: Use after free in my_login() function of DBD::mysql (Perl module) Hanno Böck (Jul 30)
- Re: Re: Use after free in my_login() function of DBD::mysql (Perl module) Joshua J. Drake (Jul 31)
- Re: Re: Use after free in my_login() function of DBD::mysql (Perl module) lazytyped (Jul 28)
- Re: Use after free in my_login() function of DBD::mysql (Perl module) cve-assign (Jul 26)