Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 before 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For more general description of heap buffer overflow, see [CWE](cwe.mitre.org/data/definitions/122.html).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
radare radare2 |