Security vulnerabilities and automated fixes for low-level security issues
A critical buffer overflow vulnerability was discovered and patched in hooker.c, where a memcpy call at line 1228 copied instruction bytes into a fixed-size bridge buffer without validating the copy length. An attacker or crafted binary could exploit this to corrupt memory, crash the process, or potentially achieve arbitrary code execution. The fix adds a simple but essential bounds check before the copy operation, enforcing the invariant that save_bytes never exceeds the allocated bridge buffer