You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@xalan.apache.org by "Scott Colcord (JIRA)" <xa...@xml.apache.org> on 2010/05/21 17:57:18 UTC
[jira] Commented: (XALANC-698) Buffer overflow from
XalanMessageLoader::load()
[ https://issues.apache.org/jira/browse/XALANC-698?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12870021#action_12870021 ]
Scott Colcord commented on XALANC-698:
--------------------------------------
My company uses 1.10, so I can't easily verify the change in running code, but by visual inspection, it looks good.
> Buffer overflow from XalanMessageLoader::load()
> -----------------------------------------------
>
> Key: XALANC-698
> URL: https://issues.apache.org/jira/browse/XALANC-698
> Project: XalanC
> Issue Type: Bug
> Components: XalanC
> Environment: Probably any C++ Environment
> Reporter: Scott Colcord
> Assignee: David Bertoni
> Fix For: CurrentCVS
>
>
> One of the XalanMessageLoader::load() overloads is calling XMLString::replaceTokens(), and not properly accounting for the NULL; replaceTokens() requires that the output buffer supplied be able to hold maxChars+1 characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: xalan-dev-unsubscribe@xml.apache.org
For additional commands, e-mail: xalan-dev-help@xml.apache.org