Skip to content

zig-ziglibc

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

zig-ziglibc

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
001-getgroupslinux-intcast-of-negative-size-causes-panic.md
001-getgroupslinux-intcast-of-negative-size-causes-panic.md
 
 
001-getgroupslinux-intcast-of-negative-size-causes-panic.patch
001-getgroupslinux-intcast-of-negative-size-causes-panic.patch
 
 
001-malloc-integer-overflow.md
001-malloc-integer-overflow.md
 
 
001-malloc-integer-overflow.patch
001-malloc-integer-overflow.patch
 
 
001-signed-minimum-overflows-in-abs-shims.md
001-signed-minimum-overflows-in-abs-shims.md
 
 
001-signed-minimum-overflows-in-abs-shims.patch
001-signed-minimum-overflows-in-abs-shims.patch
 
 
002-memccpy-omits-matched-byte-and-never-returns-null.md
002-memccpy-omits-matched-byte-and-never-returns-null.md
 
 
002-memccpy-omits-matched-byte-and-never-returns-null.patch
002-memccpy-omits-matched-byte-and-never-returns-null.patch
 
 
003-posix-memalign-missing-alignment-validation.md
003-posix-memalign-missing-alignment-validation.md
 
 
003-posix-memalign-missing-alignment-validation.patch
003-posix-memalign-missing-alignment-validation.patch
 
 
003-strtok-r-leaves-save-state-stale-when-input-is-all-delimiter.md
003-strtok-r-leaves-save-state-stale-when-input-is-all-delimiter.md
 
 
003-strtok-r-leaves-save-state-stale-when-input-is-all-delimiter.patch
003-strtok-r-leaves-save-state-stale-when-input-is-all-delimiter.patch
 
 
004-lrint-undefined-behavior-on-nan-inf-out-of-range-input.md
004-lrint-undefined-behavior-on-nan-inf-out-of-range-input.md
 
 
004-lrint-undefined-behavior-on-nan-inf-out-of-range-input.patch
004-lrint-undefined-behavior-on-nan-inf-out-of-range-input.patch
 
 
011-mprotectlinux-aligns-len-without-accounting-for-addr-alignme.md
011-mprotectlinux-aligns-len-without-accounting-for-addr-alignme.md
 
 
011-mprotectlinux-aligns-len-without-accounting-for-addr-alignme.patch
011-mprotectlinux-aligns-len-without-accounting-for-addr-alignme.patch
 
 
012-wcsnlen-slices-with-maxint-usize-on-sentinel-terminated-poin.md
012-wcsnlen-slices-with-maxint-usize-on-sentinel-terminated-poin.md
 
 
012-wcsnlen-slices-with-maxint-usize-on-sentinel-terminated-poin.patch
012-wcsnlen-slices-with-maxint-usize-on-sentinel-terminated-poin.patch
 
 
README.md
README.md
 
 

README.md

Zig ziglibc Audit Findings

Security audit of ziglibc, the Zig standard library's C compatibility layer. Each finding includes a detailed write-up and a patch.

Summary

Total findings: 9 -- High: 4, Medium: 5

Findings

Memory allocation

# Finding Severity
001 malloc integer overflow High
003 posix_memalign missing alignment validation Medium

C library shims

# Finding Severity
001 Signed minimum overflows in abs shims Medium
002 memccpy omits matched byte and never returns NULL High
003 strtok_r leaves save state stale when input is all delimiter Medium
004 lrint undefined behavior on NaN/Inf/out-of-range input High
012 wcsnlen slices with maxInt(usize) on sentinel-terminated pointer Medium

Linux syscall layer

# Finding Severity
001 getgroupsLinux @intCast of negative size causes panic Medium
011 mprotectLinux aligns len without accounting for addr alignment delta High