gmg137 snap7-rs Memory Corruption Vulnerability in Public API
Vulnerability
A critical memory corruption vulnerability has been identified in gmg137 snap7-rs versions through 1.142.1. The issue is reachable through the crate's public API: a call to pthread_cond_destroy made during an object's destruction leads to a segmentation fault. The vulnerability was discovered while fuzzing the public APIs of the snap7-rs crate and has been publicly disclosed along with a proof-of-concept exploit.
Impact
Exploitation of this vulnerability causes a segmentation fault, indicating a memory safety issue that could be exploited to disrupt the application's normal operation or potentially lead to arbitrary code execution.
Reproduction
The vulnerability can be reproduced by compiling the snap7-rs crate with AddressSanitizer enabled, using Clang as the compiler. Running the resulting program with a crafted input file causes the S7Partner object's destructor to crash while calling pthread_cond_destroy; AddressSanitizer reports the crash as a segmentation fault error.
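The reproduction above amounts to three steps a defender repeats when triaging a report like this one: build the crate with AddressSanitizer on both the C side (the bundled snap7 sources compiled by Clang) and the Rust side, run the binary under the sanitizer, and read the error kind and faulting frame out of the report. The script below is an added example, not tooling from the snap7-rs project; the crate directory, binary name and input file are placeholders, and the sample report fed to the triage function is constructed for illustration rather than captured from snap7-rs.

```shell
#!/bin/sh
# Added example (not snap7-rs's own tooling): ASan build, run and report triage.
# Crate path, binary and input file are placeholders supplied by the caller.

# Environment for an instrumented build. The C side (built by the cc crate)
# honours CC/CFLAGS; the Rust side needs a nightly toolchain and an explicit
# --target for -Zsanitizer=address to be accepted.
asan_build() {
    crate_dir="$1"
    ( cd "$crate_dir" && \
      CC=clang \
      CFLAGS="-fsanitize=address -fno-omit-frame-pointer -g" \
      RUSTFLAGS="-Zsanitizer=address" \
      cargo +nightly build --target x86_64-unknown-linux-gnu )
}

# Run the instrumented binary on one input and keep the sanitizer report.
# halt_on_error stops at the first finding so the report is about one crash.
asan_run() {
    bin="$1"; input="$2"; report="$3"
    ASAN_OPTIONS="symbolize=1:halt_on_error=1" "$bin" "$input" 2>"$report" || true
}

# Pull the error kind (SEGV, heap-use-after-free, ...) and the innermost
# frame out of a report. Prints "kind=<kind> frame=<function>".
asan_triage() {
    report="$1"
    kind=$(sed -n 's/.*ERROR: AddressSanitizer: \([A-Za-z-]*\).*/\1/p' "$report" | head -n 1)
    frame=$(sed -n 's/^ *#0 0x[0-9a-f]* in \([^ ]*\).*/\1/p' "$report" | head -n 1)
    printf 'kind=%s frame=%s\n' "${kind:-none}" "${frame:-unknown}"
}

# Constructed sample of what a SEGV inside pthread_cond_destroy looks like in
# an ASan report. Addresses and the non-libc frame names are placeholders.
sample_report() {
    cat <<'EOF'
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000000001 bp 0x000000000002 sp 0x000000000003 T0)
==4242==The signal is caused by a READ memory access.
==4242==Hint: address points to the zero page.
    #0 0x000000000001 in pthread_cond_destroy (libc placeholder)
    #1 0x000000000002 in drop_placeholder (/path/to/placeholder_bin+0x2)
    #2 0x000000000003 in main (/path/to/placeholder_bin+0x3)
==4242==ABORTING
EOF
}

# Stand-alone demonstration on the constructed report. With a real build the
# caller would run: asan_build ./snap7-rs && asan_run ./target/.../bin input.bin report.txt
demo_report=$(mktemp)
sample_report > "$demo_report"
asan_triage "$demo_report"
rm -f "$demo_report"
```

The triage function deliberately keys on the `ERROR: AddressSanitizer:` line rather than on the process exit code: ASan reports a plain segmentation fault as `SEGV on unknown address`, which is what this advisory describes, and a double destroy or use-after-free of the same condvar would instead surface as `heap-use-after-free`, so the kind string is the first thing worth recording when deciding whether a crash is a memory-safety bug or only a null dereference.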
