Posted to c-dev@xerces.apache.org by "Roger Leigh (Jira)" <xe...@xml.apache.org> on 2021/08/24 05:18:00 UTC

[jira] [Created] (XERCESC-2217) ICUTranscoder::transcodeFrom buffer overflow

Roger Leigh created XERCESC-2217:
------------------------------------

             Summary: ICUTranscoder::transcodeFrom buffer overflow
                 Key: XERCESC-2217
                 URL: https://issues.apache.org/jira/browse/XERCESC-2217
             Project: Xerces-C++
          Issue Type: Bug
    Affects Versions: 3.2.3
            Reporter: Roger Leigh
            Assignee: Roger Leigh


See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35373

When charsDecoded == 0, the line for (index = 0; index < charsDecoded - 1; index++) will cause a read out of bounds of fSrcOffsets, due to unsigned integer underflow rules.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)
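
The loop bound described in the report, modelled as an added example (not code from the report or from Xerces-C++). Only charsDecoded and fSrcOffsets come from the report; the function names, the unsigned int type, bytesEaten and the sample offsets are assumptions made for illustration.

```cpp
#include <climits>
#include <cstdint>
#include <cstdio>
#include <vector>

// Simplified model of the reported pattern, not Xerces-C++ source.
// Hypothetical names: reportedLoopIterations, offsetsToSizes, bytesEaten.

// How many iterations the reported loop header
//   for (index = 0; index < charsDecoded - 1; index++)
// performs when charsDecoded is unsigned. The count is computed only;
// no out-of-bounds access is executed here.
unsigned int reportedLoopIterations(unsigned int charsDecoded)
{
    return charsDecoded - 1;   // 0 - 1 wraps to UINT_MAX instead of -1
}

// Hardened conversion of per-character source offsets into per-character
// byte sizes. The bound is written as index + 1 < charsDecoded so it cannot
// wrap, and charsDecoded is validated against the offsets buffer first.
std::vector<unsigned char> offsetsToSizes(const std::vector<uint32_t>& srcOffsets,
                                          unsigned int charsDecoded,
                                          uint32_t bytesEaten)
{
    std::vector<unsigned char> sizes;
    if (charsDecoded == 0 || charsDecoded > srcOffsets.size())
        return sizes;          // nothing decoded or inconsistent count: read nothing
    for (unsigned int index = 0; index + 1 < charsDecoded; index++)
        sizes.push_back((unsigned char)(srcOffsets[index + 1] - srcOffsets[index]));
    // Last character runs from its offset to the end of the consumed bytes.
    sizes.push_back((unsigned char)(bytesEaten - srcOffsets[charsDecoded - 1]));
    return sizes;
}

int main()
{
    // Constructed sample: three characters at byte offsets 0, 1, 3; 6 bytes consumed.
    const std::vector<uint32_t> offsets = {0, 1, 3};
    printf("reported bound, charsDecoded=0: %u iterations\n", reportedLoopIterations(0));
    printf("reported bound, charsDecoded=3: %u iterations\n", reportedLoopIterations(3));
    for (unsigned char s : offsetsToSizes(offsets, 3, 6))
        printf("hardened size: %u\n", (unsigned)s);
    printf("hardened, charsDecoded=0: %zu sizes\n", offsetsToSizes(offsets, 0, 0).size());
    return 0;
}
```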
