Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CBORParser need to validate zero-length byte[] for BigInteger #261

Closed
cowtowncoder opened this issue Mar 20, 2021 · 0 comments
Closed

CBORParser need to validate zero-length byte[] for BigInteger #261

cowtowncoder opened this issue Mar 20, 2021 · 0 comments
Labels
fuzz Issue found by OssFuzz
Milestone
2.12.3

Comments

@cowtowncoder
Copy link
Member

(from https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32250)

Note: similar to #257, CBOR parser should have special handling for case of trying to construct BigInteger from 0-length byte array. Seems reasonable to just construct BigInteger.ZERO for such case.
@cowtowncoder cowtowncoder added this to the 2.12.3 milestone Mar 20, 2021
@cowtowncoder cowtowncoder added the fuzz Issue found by OssFuzz label Apr 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
fuzz Issue found by OssFuzz
Projects
None yet
Milestone
2.12.3
Development

No branches or pull requests
1 participant
@cowtowncoder