Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
arastorage/lexer : add checking the length of input data before alloc…
…ating it to buffer with fixed si$ . Description - next_string Function next_string that provides next lexem during AQL analysis tries to memcpy input data (part of AQL files) into fixed size buffer. Allocated buffer can fit only DB_MAX_ELEMENT_SIZE (32) bytes and the check is missing. - next_token Function next_token that provides next token during AQL analysis tries to memcpy input data (part of AQL files) into fixed size buffer. Allocated buffer can fit only DB_MAX_ELEMENT_SIZE (32) bytes and the check is missing. . Mitigation The size of input string should be limited to DB_MAX_ELEMENT_SIZE.
- Loading branch information