floooh sokol Stack-Based Buffer Overflow Vulnerability in the sokol_gfx.h Library
Vulnerability
A stack-based buffer overflow vulnerability has been identified in the floooh sokol graphics library, specifically in the function '_sg_pipeline_desc_defaults' within the 'sokol_gfx.h' file. The issue is locally exploitable and has been publicly disclosed together with a proof-of-concept input. It arises from an array index, taken from the caller-supplied pipeline description, that is not range-checked and can be negative; the function then reads from before the start of a stack-allocated array, an out-of-bounds read that AddressSanitizer reports as a stack-buffer-underflow. The vulnerability affects versions of the sokol library prior to the commit that fixes the issue.
Impact
Triggering this vulnerability causes a stack buffer underflow: the function reads memory located before the start of the allocated array. Because the access is a read, the immediate effect is that stack contents outside the array flow into the computed pipeline defaults, which can crash the process, expose adjacent stack data through the pipeline state, or otherwise cause undefined behavior.
Reproduction
The vulnerability can be reproduced by compiling the sokol library with AddressSanitizer enabled (-fsanitize=address) and running a fuzz harness on an input that makes '_sg_pipeline_desc_defaults' use a negative index, so that it reads before the start of a stack-allocated array; AddressSanitizer then reports the access as a stack-buffer-underflow. The triggering input is the 'hbf1' file available in the 'oneafter/1212' repository on GitHub.
Remediation
Users are advised to update to the latest version of the floooh sokol library, which includes the commit that fixes this vulnerability. Applications that build pipeline descriptions from untrusted input should additionally validate index fields against the library's fixed limits before passing the description to the library.
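The mechanism described above (a descriptor field used unchecked as an index into a stack array) and the corresponding fix, shown as an added C example. This is a model of the bug class written for this page; it is not code from sokol_gfx.h, and the limits, struct fields and function names (defaults_unchecked, validate_desc, defaults_checked, make_sample_desc, sample_stride_for_buffer, sample_negative_index_rejected) are all hypothetical. It places the vulnerable pattern beside a range check that rejects negative and too-large indices before any array is touched, and shows how the bug surfaces under AddressSanitizer.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the bug class. The limits, struct layouts and
 * function names below are made up for this example; they are NOT
 * sokol_gfx.h's definitions and the numbers are not sokol's limits. */
#define MAX_VERTEX_BUFFERS 8
#define MAX_VERTEX_ATTRS   16

typedef struct {
    int buffer_index;   /* which vertex buffer the attribute reads from; supplied by the caller */
    int size;           /* bytes per element; 0 marks an unused attribute slot */
} attr_desc_t;

typedef struct {
    attr_desc_t attrs[MAX_VERTEX_ATTRS];
    int strides[MAX_VERTEX_BUFFERS];   /* 0 means "compute a default from the attributes" */
} pipeline_desc_t;

/* Vulnerable pattern: fill in default strides by indexing a stack array with
 * an int taken straight from the descriptor. Nothing checks that
 * buffer_index lies in [0, MAX_VERTEX_BUFFERS). A negative value makes the
 * read half of the read-modify-write below touch memory before `computed`,
 * which AddressSanitizer reports as a stack-buffer-underflow. */
static void defaults_unchecked(const pipeline_desc_t *desc, int out[MAX_VERTEX_BUFFERS]) {
    int computed[MAX_VERTEX_BUFFERS] = {0};
    for (int i = 0; i < MAX_VERTEX_ATTRS; i++) {
        const attr_desc_t *a = &desc->attrs[i];
        if (a->size == 0) continue;
        computed[a->buffer_index] += a->size;   /* BUG: unchecked index */
    }
    for (int b = 0; b < MAX_VERTEX_BUFFERS; b++)
        out[b] = desc->strides[b] != 0 ? desc->strides[b] : computed[b];
}

/* Hardened form: reject the descriptor before any array is indexed. The
 * comparison is on the signed value, so negative and too-large indices
 * both fail instead of being silently reinterpreted. */
static bool validate_desc(const pipeline_desc_t *desc) {
    for (int i = 0; i < MAX_VERTEX_ATTRS; i++) {
        const attr_desc_t *a = &desc->attrs[i];
        if (a->size == 0) continue;
        if (a->size < 0) return false;
        if (a->buffer_index < 0 || a->buffer_index >= MAX_VERTEX_BUFFERS) return false;
    }
    return true;
}

static bool defaults_checked(const pipeline_desc_t *desc, int out[MAX_VERTEX_BUFFERS]) {
    if (!validate_desc(desc)) return false;
    defaults_unchecked(desc, out);   /* safe here: every index has been proven in range */
    return true;
}

/* Constructed sample descriptor: three used attributes, two of them in
 * buffer 0 (12 + 8 bytes) and one in buffer 1 (4 bytes). `first_index`
 * lets the caller poison the first attribute's buffer_index. */
static pipeline_desc_t make_sample_desc(int first_index) {
    pipeline_desc_t d;
    memset(&d, 0, sizeof d);
    d.attrs[0].buffer_index = first_index; d.attrs[0].size = 12;
    d.attrs[1].buffer_index = 0;           d.attrs[1].size = 8;
    d.attrs[2].buffer_index = 1;           d.attrs[2].size = 4;
    return d;
}

/* Default stride the checked path computes for buffer `b` of the well-formed
 * sample, or -1 if the descriptor is rejected or `b` is out of range. */
int sample_stride_for_buffer(int b) {
    if (b < 0 || b >= MAX_VERTEX_BUFFERS) return -1;
    pipeline_desc_t d = make_sample_desc(0);
    int out[MAX_VERTEX_BUFFERS];
    if (!defaults_checked(&d, out)) return -1;
    return out[b];
}

/* 1 if the checked path refuses the sample once buffer_index is -1, else 0. */
int sample_negative_index_rejected(void) {
    pipeline_desc_t d = make_sample_desc(-1);
    int out[MAX_VERTEX_BUFFERS];
    return defaults_checked(&d, out) ? 0 : 1;
}

/* Build with `cc -g -O0 -fsanitize=address model.c` and run: the unchecked
 * call on the poisoned descriptor is reported as a stack-buffer-underflow
 * on `computed`. Without ASan the read silently returns whatever sits
 * before the array. */
int main(void) {
    int out[MAX_VERTEX_BUFFERS];
    pipeline_desc_t bad = make_sample_desc(-1);
    printf("checked path accepts poisoned desc: %s\n", defaults_checked(&bad, out) ? "yes" : "no");
    printf("calling the unchecked path (ASan should abort here)...\n");
    defaults_unchecked(&bad, out);
    printf("stride[0] = %d (garbage when ASan is not enabled)\n", out[0]);
    return 0;
}
```

The check lives in a separate validation pass rather than inside the loop so that a rejected descriptor never reaches the code that indexes the array, mirroring the usual split between a descriptor validator and the defaults routine; the same range test also catches values at or above the fixed limit, which the negative-index report alone would not exercise.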