[3.5] chicken: unchecked size argument in malloc() (CVE-2017-6949)
An issue was discovered in CHICKEN Scheme through 4.12.0. When using a
nonstandard CHICKEN-specific extension to
allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc().
With an unexpected size, the impact may have been a segfault or buffer overflow.
(from redmine: issue id 7032, created on 2017-03-17, closed on 2019-05-04)
- parent #7030