libmysofa.so is vulnerable to heap-based buffer overflow. The lack of size check in the readOHDRHeaderMessageDataLayout
function in dataobject.c
causes a heap-based buffer overflow which could result in an application crash.
github.com/hoene/libmysofa/commit/890400ebd092c574707d0c132124f8ff047e20e1
github.com/hoene/libmysofa/issues/165
github.com/hoene/libmysofa/pull/166
huntr.dev/bounties/7ca8d9ea-e2a6-4294-af28-70260bb53bc1
lists.fedoraproject.org/archives/list/[email protected]/message/PGQ45S4RH7MC42NHTAGOIHYR4C5IRTMZ/
lists.fedoraproject.org/archives/list/[email protected]/message/WGY7TAZX2M4NYXXGNHIBBKKN5XMSMKQ4/