The OSTIF Foundation (Open Source Technology Improvement Fund), dedicated to enhancing the security of open-source projects, has recently released the results of a security audit of the Boost library, which is widely used in C++ projects. The audit, conducted in collaboration with Amazon Web Services and SHIELDER, an Italian cybersecurity company, uncovered a total of 7 issues: one of moderate severity, four of low severity, and two flagged as informational.
The specific components of the Boost library that were examined during the audit include:
- boost.beast
- boost.dll
- boost.date_time
- boost.filesystem
- boost.gil
- boost.graph
- boost.json
- boost.program_options
- boost.regex
- boost.string_algo
- boost.url
- boost.uuid
The identified issues from the audit report are as follows:
- A moderate-severity vulnerability in Boost.beast that allows CRLF injection, potentially enabling HTTP header splitting.
- Stack overflows in the Boost.regex library during various recursive operations.
- A stack overflow in the Boost.graph library under certain recursive scenarios.
- Assertion failures in the breadth_first_search functions within the Boost.graph library.
- Unhandled exceptions in Boost.dll.
Following the audit findings, the Boost development team has already addressed 4 of the identified issues and implemented 15 enhancements to increase code coverage and functionality during fuzz testing. However, the HTTP header splitting issue in Boost.beast remains unresolved, and the recommendations provided in the report have yet to be fully implemented.
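The Boost.beast finding above belongs to the CRLF-injection / header-splitting class of bug. As an added illustration that is not part of the OSTIF report or of Boost.beast's own code, the following standard-library C++ shows what a defensive check in application code looks like: a validator that rejects CR, LF and other control characters in header names and values before serialization, next to a naive serializer that demonstrates how one injected value becomes two header lines on the wire. All function names are this example's own.

```cpp
// Added example: defensive HTTP header validation before serialization.
// Not Boost.beast code; names and helpers are this example's own.
#include <cstddef>
#include <string>
#include <utility>
#include <vector>

using Headers = std::vector<std::pair<std::string, std::string>>;

// Field values may not contain CR, LF or NUL; other control characters are
// obsolete per RFC 9110 and rejected too. Horizontal tab is permitted.
bool is_safe_header_value(const std::string& value) {
    for (unsigned char c : value) {
        if (c == '\r' || c == '\n' || c == '\0') return false;
        if (c < 0x20 && c != '\t') return false;
        if (c == 0x7f) return false;
    }
    return true;
}

// Header names are tokens: printable ASCII with no whitespace or separators.
bool is_safe_header_name(const std::string& name) {
    static const std::string separators = "()<>@,;:\\\"/[]?={}";
    if (name.empty()) return false;
    for (unsigned char c : name) {
        if (c <= 0x20 || c >= 0x7f) return false;
        if (separators.find(static_cast<char>(c)) != std::string::npos) return false;
    }
    return true;
}

// Naive serializer: trusts its inputs, so an embedded CRLF in a value
// produces an extra header line on the wire (header splitting).
std::string naive_serialize(const Headers& headers) {
    std::string out;
    for (const auto& h : headers) out += h.first + ": " + h.second + "\r\n";
    return out + "\r\n";
}

// Hardened serializer: refuses any name or value that fails validation.
// Returns false and leaves `out` empty on rejection.
bool serialize_headers(const Headers& headers, std::string& out) {
    out.clear();
    for (const auto& h : headers) {
        if (!is_safe_header_name(h.first) || !is_safe_header_value(h.second)) {
            out.clear();
            return false;
        }
        out += h.first + ": " + h.second + "\r\n";
    }
    out += "\r\n";
    return true;
}

// Count the header lines a serialized block actually carries (excluding the
// terminating blank line), to show the effect of an injected CRLF.
std::size_t count_header_lines(const std::string& wire) {
    std::size_t n = 0;
    for (std::size_t p = wire.find("\r\n"); p != std::string::npos; p = wire.find("\r\n", p + 2)) ++n;
    return n > 0 ? n - 1 : 0;
}
```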