Skip to content

Fix segfault for 1-qubit QUnit GetProbs()
Compare
Choose a tag to compare
@WrathfulSpatula WrathfulSpatula released this 20 Nov 18:34
· 51 commits to main since this release
vm6502q.v9.12.38
87a8b72

5fa8e96 introduced a segmentation fault in QUnit::GetProbs() in the specific case that the QUnit instance has exactly 1 qubit. I estimate the severity of the vulnerability to be low: all tests so far have resulted in a "caught" segmentation fault rather than a silent one, likely because the first unsafe access to memory is always an attempt to write to memory address 0/NULL. The specific case of calling QUnit::GetProbs() for an instance with just one qubit is likely also uncommon in user code. With that said, please update immediately!

(Thanks to @cosenal for catching this!)

Full Changelog: vm6502q.v9.12.34...vm6502q.v9.12.38

sha1sum results:
817734795acef3344aca164ebd99ac0c246c6f13 libqrack-macosx_14_0_arm64.zip
ae1b73c2229958f503cab3f13b2bf5a1c7a71334 libqrack-macosx_15_0_arm64.zip
61162e30a2b4385b72eff87ca94369387607ef59 libqrack-manylinux2014_x86_64.zip
3ebf3994706d01529fa71b534a62c4cc26d9bb5d libqrack-manylinux_2_35_x86_64.zip
de5886e8894a94b5bbc99c642bdcb971ddf55d9f libqrack-manylinux_2_39_x86_64.zip
797c95b747d23fb5280193fa5c06aa51d4a3d367 libqrack-win-amd64.zip

Contributors

cosenal
Assets 8
Loading