beard variant
Challenge Information
Project: mongoose
Type: delta
Harnesses: 1
Vulnerabilities: 1
GitHub • Challenge Download • Challenge Diff
AFC Challenge Performance
Number of Unique Vulnerabilities Discovered: #
Number of Teams with Scoring PoVs: 6
Number of Teams with Scoring Patches: 2
Number of Teams with Scoring Bundles: 2
Total Points Scored for this Challenge: 30.294498236911778
What design decisions were considered for this challenge?
This challenge simulates a standard pull request containing a subtle vulnerability.
Why this set of vulnerabilities?
This challenge introduces a buffer overflow in mg_vxprintf while processing the %e format string. It is caused by an incorrect buffer-size argument being passed when calling mg_dtoa.
Delta vs Full and why?
Delta format to represent a realistic pull request scenario.
Challenge Harnesses
- fuzz
Challenge Vulnerabilities
mg_vxprintf with a new %e stack-based buffer overflow
Vulnerability Information
Author: Dan
Harness: fuzz
CWE Classification: CWE-121
What functions and functionality are relevant?
The mg_vxprintf() function, in the new code that handles the %e and %E format specifiers.
Why is this vulnerable?
This new code calls mg_dtoa(tmp, 10, mantissa, 8, c == 'e'); however, the second parameter should be sizeof(tmp) so that the length passed to mg_dtoa matches the real capacity of tmp and no buffer overflow is possible.
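As an added illustration (not mongoose code and not the challenge's own diff or patch), the C program below shows the pattern behind this bug and its fix: a hypothetical dtoa-style helper that honours its length argument, a sizeof-derived length so that the argument can never disagree with the buffer it describes, and a calculation of how many bytes %e output with 8 fractional digits actually needs. The helper names, the 10-byte tmp array and the sample values are assumptions made for the demo.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a dtoa-style helper (not mongoose's mg_dtoa):
 * format d in exponent notation with `precision` fractional digits, writing
 * at most dstlen bytes into dst including the NUL terminator.  Returns the
 * number of characters written (excluding the NUL), or 0 when the value
 * would not fit, in which case dst is left as an empty string. */
static size_t demo_dtoa(char *dst, size_t dstlen, double d, int precision,
                        bool upper) {
  char scratch[64];  /* large enough for any double in %e form */
  int n = snprintf(scratch, sizeof(scratch), upper ? "%.*E" : "%.*e",
                   precision, d);
  if (dstlen == 0) return 0;
  if (n < 0 || (size_t) n >= dstlen) {
    dst[0] = '\0';  /* refuse rather than write past the caller's buffer */
    return 0;
  }
  memcpy(dst, scratch, (size_t) n + 1);
  return (size_t) n;
}

/* Bytes needed (excluding the NUL) for the same output, computed without a
 * destination buffer; useful for sizing a temporary before the call. */
static size_t exp_len_needed(double d, int precision, bool upper) {
  int n = snprintf(NULL, 0, upper ? "%.*E" : "%.*e", precision, d);
  return n < 0 ? 0 : (size_t) n;
}

/* True when a buffer of buflen bytes can hold the formatted value plus NUL. */
static bool fits_in(size_t buflen, double d, int precision, bool upper) {
  return exp_len_needed(d, precision, upper) + 1 <= buflen;
}

/* The defensive pattern the fix calls for: the length argument is derived
 * from the array itself, so it cannot disagree with the real capacity.
 * Only valid when `buf` is a true array, not a pointer. */
#define DEMO_DTOA_INTO(buf, d, precision, upper) \
  demo_dtoa((buf), sizeof(buf), (d), (precision), (upper))

/* Mirrors the shape of the call site with the fix applied: a small stack
 * buffer whose size is passed as sizeof(tmp) rather than as a literal.
 * Returns the formatted length, or 0 if the value did not fit in tmp. */
static size_t format_exp_fixed(double mantissa, int precision, bool upper) {
  char tmp[10];  /* constructed size for the demo */
  return DEMO_DTOA_INTO(tmp, mantissa, precision, upper);
}

int main(void) {
  char out[32];
  /* %.8e always needs at least 14 characters ("d.dddddddde+XX"), so a
   * 10-byte tmp cannot hold it; with the correct length argument the bounded
   * helper reports 0 instead of overrunning the stack. */
  printf("needed for 1.5 at precision 8: %zu\n", exp_len_needed(1.5, 8, false));
  printf("fits in 10 bytes: %s\n", fits_in(10, 1.5, 8, false) ? "yes" : "no");
  printf("precision 8 into tmp[10] -> %zu\n", format_exp_fixed(1.5, 8, false));
  printf("precision 2 into tmp[10] -> %zu\n", format_exp_fixed(1.5, 2, false));
  printf("precision 2 into out[32] -> %zu '%s'\n",
         demo_dtoa(out, sizeof(out), 1.5, 2, true), out);
  return 0;
}
```

The bounded helper's refusal is only as good as the length it is told: a literal 10 supplied by the caller for a smaller array bypasses the check entirely, which is why deriving the argument from sizeof(tmp) is the fix rather than any change inside the helper. When the harness is built with AddressSanitizer, the original mismatch surfaces as a stack-buffer-overflow report on tmp, which is how a fuzzer detects this class of defect.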
Is this a replay and/or is it inspired by anything?
This is not a replay.
What makes it interesting?
This tests whether a CRS can detect subtly vulnerable code introduced by a developer during a typical code review scenario.
