Hello,

I would like to request a CVE for a select() buffer overrun
vulnerability in CHICKEN Scheme on the Android platform. This is
basically the same issue as CVE-2012-6122 [1], thus the same workaround
applies: Set the maximum number of open files ulimit to a value lower
than or equal to FD_SETSIZE. Alternatively, apply the patch that fixes
the issue (see below).

Since the Android platform target was added fairly recently, the only
affected release versions are 4.9.0 and 4.9.0.1.

The issue is fixed by switching to POSIX poll() on Android, too. This
fix will be included in the upcoming release versions 4.9.0.2, 4.9.1,
4.10.0, and 5.0.

For the official announcement, see
http://lists.nongnu.org/archive/html/chicken-users/2014-08/msg00055.html

The patch on the discussion list is
http://lists.nongnu.org/archive/html/chicken-hackers/2014-08/msg00017.html
and it got applied as
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=bbf5c1d5839970c17b37406155180853c325c710

A patch which changes the default to be POSIX poll() so that platforms
added in the future will be more likely not to be affected by this issue
is being discussed at
http://lists.nongnu.org/archive/html/chicken-hackers/2014-08/msg00019.html

Regards
Moritz

[1] Original announcement:
http://lists.nongnu.org/archive/html/chicken-users/2012-06/msg00031.html
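
Added example, not part of the original message and not CHICKEN's code: a C sketch of the bug class the message describes, showing the FD_SETSIZE bound that select() callers must enforce, the ulimit workaround expressed as a check, and poll() handling a descriptor at or above FD_SETSIZE. All function names are illustrative assumptions.

```c
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/select.h>
#include <unistd.h>

/* Illustrative helper names, not CHICKEN's. FD_SET(fd, &set) sets bit number
 * fd in a FD_SETSIZE-bit array, so fd >= FD_SETSIZE writes past the fd_set. */
int fd_fits_fd_set(int fd) { return fd >= 0 && fd < FD_SETSIZE; }

/* Workaround check: with soft RLIMIT_NOFILE <= FD_SETSIZE the kernel never
 * hands out an fd that would overflow an fd_set. */
int nofile_limit_is_safe(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0) return -1;
    return rl.rlim_cur <= (rlim_t)FD_SETSIZE;
}

/* select() wrapper that refuses a large fd instead of overrunning. */
int wait_readable_select(int fd, int timeout_ms) {
    if (!fd_fits_fd_set(fd)) return -1;
    fd_set rd;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    FD_ZERO(&rd); FD_SET(fd, &rd);
    return select(fd + 1, &rd, NULL, NULL, &tv);
}

/* poll() takes the fd as an int in a caller-sized array: no FD_SETSIZE cap. */
int wait_readable_poll(int fd, int timeout_ms) {
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int n = poll(&p, 1, timeout_ms);
    return n > 0 ? (p.revents & POLLIN) != 0 : n;
}

/* Constructed check: pipe with one byte queued, read end duplicated to an
 * fd >= FD_SETSIZE. Returns poll's result there, or -2 when the process
 * limit already keeps every fd below FD_SETSIZE. */
int poll_on_high_fd(void) {
    int p[2];
    if (pipe(p) != 0 || write(p[1], "x", 1) != 1) return -1;
    int hi = fcntl(p[0], F_DUPFD, FD_SETSIZE);
    int r = hi < 0 ? -2 : wait_readable_poll(hi, 0);
    if (hi >= 0) close(hi);
    close(p[0]); close(p[1]);
    return r;
}

int main(void) {
    printf("safe=%d high=%d\n", nofile_limit_is_safe(), poll_on_high_fd());
}
```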