[XERCESC-2217] ICUTranscoder::transcodeFrom buffer overflow - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.2.3
Fix Version/s: 3.2.4, 4.0.0
Component/s: None
Labels:
None

Description

See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35373

When charsDecoded == 0, the line for (index = 0; index < charsDecoded - 1; index++) will cause to read out of bounds of fSrcOffsets, due to unsigned integer underflow rules.

Attachments

Issue Links

links to

GitHub Pull Request #24

GitHub Pull Request #25

Activity

People

Assignee:: Roger Leigh

Reporter:: Roger Leigh

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Aug/21 05:17

Updated:: 05/Oct/22 17:51

Resolved:: 05/Oct/22 17:51