FascinatedBox Lily Heap-Based Buffer Overflow Vulnerability in Storage Cleanup Function
Vulnerability
A heap-based buffer overflow vulnerability has been identified in the FascinatedBox Lily interpreter, affecting versions up to 2.3. The defect is in the 'clear_storages' function in 'src/lily_emitter.c': when the emitter cleans up storage slots after leaving a lambda block, it mishandles the slot range and reads past the end of a heap-allocated buffer. The out-of-bounds access is a read at the boundary of the allocation (the report shows a read violation, not a write). Triggering it requires local access, that is, the ability to run the interpreter on a crafted script.
Impact
Triggering the bug produces a heap-buffer-overflow. The page describes the faulting access as a read, so the directly demonstrated consequences are an interpreter crash (an abort under AddressSanitizer) or disclosure of adjacent heap memory. Escalation to memory corruption or arbitrary code execution is possible in principle but is not shown by the report and should be treated as unconfirmed unless the out-of-bounds access can also be turned into a write.
Reproduction
To reproduce, build the Lily interpreter with release optimization and AddressSanitizer (ASan) enabled (for example, compiler flags such as -O2 -g -fsanitize=address), then run the resulting binary on the specific test file that triggers the overflow. ASan aborts and prints a heap-buffer-overflow report showing a READ access at the boundary of a heap allocation, with 'clear_storages' in the stack trace, which confirms the bug.
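The following is an added C example, not Lily's code: a hypothetical minimal model of the bug class the report describes (a cleanup loop that reads one slot past the end of a heap-allocated storage array when a lambda block is left) next to a bounds-checked version. The Storage and StoragePool types, their fields, and the function names are invented for illustration. Compiling it with `cc -O2 -g -fsanitize=address` and running it produces the same shape of ASan heap-buffer-overflow READ report, at offset 0 bytes after the allocated region, as the reproduction step above.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of an emitter storage slot; not Lily's real struct. */
typedef struct {
    int reg_spot;   /* register the storage occupies */
    int expr_num;   /* expression that last used it; -1 marks it free */
} Storage;

typedef struct {
    Storage *slots; /* heap buffer holding exactly `count` slots */
    int count;
} StoragePool;

/* Allocate a pool of `count` free slots (every expr_num == -1). */
StoragePool *pool_new(int count)
{
    StoragePool *pool = malloc(sizeof *pool);
    if (!pool)
        return NULL;
    pool->slots = malloc((size_t)count * sizeof *pool->slots);
    if (!pool->slots) {
        free(pool);
        return NULL;
    }
    for (int i = 0; i < count; i++) {
        pool->slots[i].reg_spot = i;
        pool->slots[i].expr_num = -1;
    }
    pool->count = count;
    return pool;
}

void pool_free(StoragePool *pool)
{
    if (!pool)
        return;
    free(pool->slots);
    free(pool);
}

/* Buggy cleanup (hypothetical): the loop bound is `<=`, so the final
   iteration reads slots[count], which sits exactly at the end of the heap
   buffer. Under ASan this is reported as a heap-buffer-overflow READ of
   sizeof(Storage) bytes, 0 bytes after the allocated region. */
int clear_storages_buggy(StoragePool *pool, int start)
{
    int cleared = 0;
    for (int i = start; i <= pool->count; i++) {  /* off-by-one bound */
        if (pool->slots[i].expr_num != -1) {      /* OOB read at i == count */
            pool->slots[i].expr_num = -1;
            cleared++;
        }
    }
    return cleared;
}

/* Fixed cleanup: reject invalid arguments and stop at count - 1.
   Returns the number of slots released, or -1 on invalid input. */
int clear_storages_fixed(StoragePool *pool, int start)
{
    if (!pool || !pool->slots || start < 0 || start > pool->count)
        return -1;
    int cleared = 0;
    for (int i = start; i < pool->count; i++) {
        if (pool->slots[i].expr_num != -1) {
            pool->slots[i].expr_num = -1;
            cleared++;
        }
    }
    return cleared;
}

int main(void)
{
    /* Constructed sample: 4 slots; the lambda body used slots 2 and 3. */
    StoragePool *pool = pool_new(4);
    if (!pool)
        return 1;
    pool->slots[2].expr_num = 5;
    pool->slots[3].expr_num = 6;

    printf("fixed: released %d slots\n", clear_storages_fixed(pool, 2));

    pool->slots[2].expr_num = 5;
    pool->slots[3].expr_num = 6;
    /* With -fsanitize=address this call aborts with a heap-buffer-overflow
       READ report naming clear_storages_buggy; without ASan it is silent
       undefined behaviour that may or may not crash. */
    printf("buggy: released %d slots\n", clear_storages_buggy(pool, 2));

    pool_free(pool);
    return 0;
}
```

When reading the ASan output, the fields that matter are the access kind (READ versus WRITE), the access size, and the location relative to the allocation ("0 bytes after N-byte region"), which is what "at the boundary of an allocated buffer" means. A READ at that location supports crash or information-disclosure impact; only a WRITE there would be direct evidence for the memory-corruption claim.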
