atty potential unaligned read
Low severity
GitHub Reviewed
Published
Jun 30, 2023
to the GitHub Advisory Database
•
Updated Feb 14, 2024
Description
Published to the GitHub Advisory Database
Jun 30, 2023
Reviewed
Jun 30, 2023
Last updated
Feb 14, 2024
On windows,
atty
dereferences a potentially unaligned pointer.In practice however, the pointer won't be unaligned unless a custom global allocator is used.
In particular, the
System
allocator on windows usesHeapAlloc
, which guarantees a large enough alignment.atty is Unmaintained
A Pull Request with a fix has been provided over a year ago but the maintainer seems to be unreachable.
Last release of
atty
was almost 3 years ago.Possible Alternative(s)
The below list has not been vetted in any way and may or may not contain alternatives;
References