Buffer overflow in Toxcore exploitable by sending a UDP packet

A vulnerability (CVE-2021-44847) has been identified in Toxcore, the reference implementation of the Tox P2P messaging protocol, that can potentially lead to code execution when a specially crafted UDP packet is processed. The vulnerability affects all users of Toxcore-based applications that do not have UDP transport disabled. To carry out an attack, it is enough to send a single UDP packet, knowing the victim's IP address, network port, and DHT public key (this information is publicly available in the DHT, i.e. the attack can be performed by any user or DHT host).

The issue was present in toxcore releases 0.1.9 through 0.2.12 and was fixed in version 0.2.13. Among client applications, only the qTox project has so far released an update that eliminates the vulnerability. As a security workaround, you can disable UDP while keeping TCP support.

The vulnerability is caused by a buffer overflow in the handle_request() function, which occurs because the size of the data in the network packet is calculated incorrectly. Specifically, the length of the encrypted data was determined using the CRYPTO_SIZE macro, defined as "1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE", which was then used in the subtraction "length - CRYPTO_SIZE". Because the macro lacked parentheses, instead of subtracting the sum of all the values, the expression subtracted 1 and added the remaining parts. For example, instead of "length - (1 + 32 * 2 + 24)", the buffer size was calculated as "length - 1 + 32 * 2 + 24", which led to data being written to the stack beyond the buffer boundary.
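The macro expansion described above, reproduced as an added example (not toxcore's own code). The `_UNPARENTHESIZED` and `_FIXED` macro names, the `checked_payload_len()` helper, and the packet length of 200 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Sizes quoted in the article: 32-byte public keys, 24-byte nonce. */
#define CRYPTO_PUBLIC_KEY_SIZE 32
#define CRYPTO_NONCE_SIZE 24

/* Form described in the article: the expansion is not one operand. */
#define CRYPTO_SIZE_UNPARENTHESIZED 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE
/* Parenthesized form: expands as a single value (89). */
#define CRYPTO_SIZE_FIXED (1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE)

/* Expands to length - 1 + 32 * 2 + 24, i.e. length + 87. */
static long payload_len_unparenthesized(long length)
{
    return length - CRYPTO_SIZE_UNPARENTHESIZED;
}

/* Expands to length - (1 + 32 * 2 + 24), i.e. length - 89. */
static long payload_len_fixed(long length)
{
    return length - CRYPTO_SIZE_FIXED;
}

/* Hypothetical defensive helper: returns the payload length only when the
 * packet holds a full header and the payload fits the destination buffer;
 * returns -1 otherwise, so the caller drops the packet. */
static long checked_payload_len(size_t length, size_t dest_capacity)
{
    if (length < (size_t)CRYPTO_SIZE_FIXED)
        return -1;                      /* truncated header */
    size_t payload = length - (size_t)CRYPTO_SIZE_FIXED;
    if (payload > dest_capacity)
        return -1;                      /* would overrun the buffer */
    return (long)payload;
}

int main(void)
{
    long length = 200;                  /* constructed packet length */
    printf("unparenthesized: %ld\n", payload_len_unparenthesized(length));
    printf("fixed:           %ld\n", payload_len_fixed(length));
    printf("checked (cap 128): %ld\n", checked_payload_len(200, 128));
    printf("checked (cap 100): %ld\n", checked_payload_len(200, 100));
    return 0;
}
```

For a 200-byte packet, the unparenthesized form reports a payload larger than the packet itself, which is the miscalculation the fix in 0.2.13 removes.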

Source: opennet.ru
