You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Does not check for buffer overflows, If message's length > str's length, there's a buffer overflow.
This issue was reported to brave via hackerone, they marked my bug as informative and close it by saying.
The code that you highlighted is part of the npm module cppunitlite. The npm module is used in the tracking protection library in the iOS browser, but the code snippet that you highlighted is not used in the code.
You can report the issue here for a fix from the author: https://github.com/smikes/CppUnitLite/
Thanks, Dhiraj
The text was updated successfully, but these errors were encountered:
From Brave: https://github.com/brave/browser-ios/blob/development/brave/node_modules/tracking-protection/node_modules/cppunitlite/src/SimpleString.cpp#L85
sprintf (buffer, "%lf", value);
Does not check for buffer overflows, If message's length > str's length, there's a buffer overflow.
This issue was reported to brave via hackerone, they marked my bug as informative and close it by saying.
Thanks, Dhiraj
The text was updated successfully, but these errors were encountered: