Skip to content

LibTextCodec: Make UTF16BEDecoder read only up to an even offset #5802

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Mar 15, 2021

Conversation

IdanHo
Copy link
Member

@IdanHo IdanHo commented Mar 15, 2021

Reading up to the end of the input string of odd length results in an out-of-bounds read. (this fixes #5769)

FuzzUTF16BEDecoder is one of the 3 fuzzers that are crashing on the majority of cases fed to them by oss-fuzz (50% in this case assuming even distribution of input lengths :p), causing oss-fuzz to assume a failing build, so this is the first part of 3 to eventually making #5682 build again.

Reading up to the end of the input string of odd length results in
an out-of-bounds read
@awesomekling awesomekling merged commit c9f25bc into SerenityOS:master Mar 15, 2021
@IdanHo IdanHo deleted the utf16be_decoder_fix branch March 16, 2021 05:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

LibTextCodec: Heap buffer overflow in UTF16-BE decoder
2 participants