It was discovered that gc"s implementation of the malloc and calloc routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc and calloc routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application