Posted to c-dev@xerces.apache.org by "Roger Leigh (Jira)" <xe...@xml.apache.org> on 2021/08/24 05:18:00 UTC
[jira] [Created] (XERCESC-2217) ICUTranscoder::transcodeFrom buffer overflow
Roger Leigh created XERCESC-2217:
------------------------------------
Summary: ICUTranscoder::transcodeFrom buffer overflow
Key: XERCESC-2217
URL: https://issues.apache.org/jira/browse/XERCESC-2217
Project: Xerces-C++
Issue Type: Bug
Affects Versions: 3.2.3
Reporter: Roger Leigh
Assignee: Roger Leigh
See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35373
When charsDecoded == 0, the line for (index = 0; index < charsDecoded - 1; index++) will cause a read out of bounds of fSrcOffsets, due to unsigned integer underflow rules.
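Added example, not part of the original report and not Xerces-C++ code: a C++ sketch of the loop bound described in the report, with the out-of-bounds iterations counted rather than performed, beside a form that never subtracts from the unsigned count. The function names, the use of std::size_t for the count, the iteration cap and the totalBytes parameter are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>
#include <vector>

// Bound as written in the report. With an unsigned count (assumed std::size_t
// here), 0 - 1 wraps to the largest representable value instead of -1.
std::size_t wrappedBound(std::size_t charsDecoded) {
    return charsDecoded - 1;
}

// Runs the reported loop header but only counts the iterations that would index
// past the end of the offsets table. 'cap' (hypothetical) makes it terminate.
std::size_t countOutOfBoundsReads(const std::vector<std::uint32_t>& srcOffsets,
                                  std::size_t charsDecoded, std::size_t cap) {
    std::size_t oob = 0;
    for (std::size_t index = 0; index < charsDecoded - 1 && index < cap; index++) {
        if (index + 1 >= srcOffsets.size()) oob++;  // would read srcOffsets[index + 1]
    }
    return oob;
}

// Hardened form: test index + 1 against the count, reject counts larger than
// the table, and take the last character's size from totalBytes (hypothetical).
std::vector<unsigned char> charSizesChecked(const std::vector<std::uint32_t>& srcOffsets,
                                            std::size_t charsDecoded,
                                            std::uint32_t totalBytes) {
    std::vector<unsigned char> sizes;
    if (charsDecoded == 0 || charsDecoded > srcOffsets.size()) return sizes;
    for (std::size_t index = 0; index + 1 < charsDecoded; index++)
        sizes.push_back(static_cast<unsigned char>(srcOffsets[index + 1] - srcOffsets[index]));
    sizes.push_back(static_cast<unsigned char>(totalBytes - srcOffsets[charsDecoded - 1]));
    return sizes;
}

int main() {
    std::vector<std::uint32_t> none;               // constructed: nothing decoded
    std::vector<std::uint32_t> three = {0, 1, 3};  // constructed: 3 chars, 6 bytes
    std::printf("bound for 0 chars: %zu\n", wrappedBound(0));
    std::printf("bad reads (0 chars, first 8 iterations): %zu\n",
                countOutOfBoundsReads(none, 0, 8));
    std::printf("bad reads (3 chars): %zu\n", countOutOfBoundsReads(three, 3, 8));
    std::printf("checked sizes (0 chars): %zu entries\n",
                charSizesChecked(none, 0, 0).size());
    return 0;
}
```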