Note:
This project will be discontinued after December 13, 2021. [more]
2018-06-12
An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).
| Products | Mruby |
| Type | NULL Pointer Dereference (CWE-476) |
| First patch |
https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2 |
| Relevant file/s | ./src/kernel.c (modified, +1, -1) |
| Links | https://github.com/mruby/mruby/issues/4036 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: