CSS Parser has off-by-one reads #1276

jeffkaufman · 2016-03-07T15:41:09Z

When css isn't null terminated, the parser can read one past the end.

Fixed by 5ac1322, c936eaa, 6dfaf07, 356a845 (Squashed down to 0bc4ce7)

The text was updated successfully, but these errors were encountered:

Fixes #1276 (Squash of 5ac1322, c936eaa, 6dfaf07, and 356a845)

jeffkaufman · 2016-03-31T20:40:54Z

Released in 1.11.33.0.

jeffkaufman closed this as completed Mar 7, 2016

jeffkaufman changed the title ~~CSS Parser has off-by-one heap read~~ CSS Parser has off-by-one reads Mar 7, 2016

jeffkaufman pushed a commit that referenced this issue Mar 7, 2016

Fix two off-by-one reads in the CSS parser.

0bc4ce7

Fixes #1276 (Squash of 5ac1322, c936eaa, 6dfaf07, and 356a845)

CSS Parser has off-by-one reads #1276

CSS Parser has off-by-one reads #1276

jeffkaufman commented Mar 7, 2016

jeffkaufman commented Mar 31, 2016

CSS Parser has off-by-one reads #1276

CSS Parser has off-by-one reads #1276

Comments

jeffkaufman commented Mar 7, 2016

jeffkaufman commented Mar 31, 2016