Commit 132af1a0d1e949ea0a488c31689f83c1dde7df7d

Nick Wellnhofer 2018-01-08T18:48:01

Fix buffer over-read in xmlParseNCNameComplex

Calling GROW can halt the parser if the buffer grows too large. This will set the buffer to an empty string. Return immediately in this case, otherwise the "current" pointer is advanced leading to a buffer over-read.

Found with OSS-Fuzz. See

https://oss-fuzz.com/testcase?key=6683819592646656
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5031
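
The failure mode described in the commit message, shown as an added example that is not libxml2's code: a simplified C model in which a grow step may halt the parser and swap in an empty buffer. The struct, the function names, `MAX_BUF` and the return codes are assumptions made for illustration, and the unchecked variant reports the out-of-bounds cursor instead of dereferencing it.

```c
#include <stddef.h>
#include <string.h>

/* Simplified model of a parser input (hypothetical names, not libxml2's). */
#define MAX_BUF 16            /* constructed limit that makes grow() halt */
enum { HALTED = -1, OVERREAD = -2 };

typedef struct {
    const char *cur;          /* next byte to read */
    const char *end;          /* points at the terminating NUL */
    size_t      total;        /* bytes buffered so far */
    int         halted;
} input_t;

/* Models the behaviour the message describes: if the buffer is too large,
 * halt the parser and replace the buffer with an empty string. */
static void grow(input_t *in) {
    static const char empty[1] = "";
    if (in->total > MAX_BUF) {
        in->cur = in->end = empty;
        in->halted = 1;
    }
}

static int is_name_char(char c) {
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || c == '_';
}

/* Scan a name and return its length. With check_halt == 0 the cursor is
 * still advanced after a halting grow(); the model then returns OVERREAD
 * rather than reading through the out-of-bounds pointer. */
int scan_name(input_t *in, int check_halt) {
    int len = 0;
    while (is_name_char(*in->cur)) {
        grow(in);
        if (check_halt && in->halted)
            return HALTED;            /* the fix: return immediately */
        in->cur++;                    /* advance the "current" pointer */
        len++;
        if (in->cur > in->end)
            return OVERREAD;          /* next read would leave the buffer */
    }
    return len;
}

/* Convenience wrapper: scan a NUL-terminated sample string. */
int scan_string(const char *s, int check_halt) {
    input_t in = { s, s + strlen(s), strlen(s), 0 };
    return scan_name(&in, check_halt);
}
```
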