Subject: [Boost-bugs] [Boost C++ Libraries] #6528: Potential vulnerability in programs recompiled for 64-bit platforms
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2012-02-06 11:41:51
#6528: Potential vulnerability in programs recompiled for 64-bit platforms
---------------------------------------------+------------------------------
Reporter: econometrics@⦠| Owner: jsiek
Type: Bugs | Status: new
Milestone: To Be Determined | Component: dynamic_bitset
Version: Boost 1.38.0 | Severity: Problem
Keywords: Vulnerability, 64-bit, overflow |
---------------------------------------------+------------------------------
Default block size for the dynamic_bitset<> class on a 32bit platform is 4
bytes, while on a 64bit one it is actually 8 bytes. Therefore, objects of
dynamic_bitset<> will have different m_bits array lengths on 32- and
64-bit platforms. It is very likely to cause an overflow on the 64-bit
platform.
Conclusion: any program using dynamic_bitset<>::m_bits and recompiled from
32- to 64-bit is vulnerable.
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/6528> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:08 UTC