diff options
| author | 2017-01-16 02:00:27 +0100 | |
|---|---|---|
| committer | 2017-01-16 02:00:27 +0100 | |
| commit | 7a28a14cf6ed547dfd2e52a4db17f47242bfdef9 (patch) | |
| tree | 7c4801860e30b90dbd047ffe082579744c104a3e /fuzz/bplist-crashes/crash-4c5404453bb7425aef9b953a5f6f3f0afcc48392 | |
| parent | 3a55ddd3c4c11ce75a86afbefd085d8d397ff957 (diff) | |
| download | libplist-7a28a14cf6ed547dfd2e52a4db17f47242bfdef9.tar.gz libplist-7a28a14cf6ed547dfd2e52a4db17f47242bfdef9.tar.bz2 | |
bplist: Disallow key nodes with non-string node types
As reported in #86, the binary plist parser would force the type of the
key node to be of type PLIST_KEY while the node might be of a different
i.e. non-string type. A following plist_free() might then call free() on
an invalid pointer; e.g. if the node is of type integer, its value would
be considered a pointer, and free() would cause an error.
We prevent this issue by disallowing non-string key nodes during parsing.
Diffstat (limited to 'fuzz/bplist-crashes/crash-4c5404453bb7425aef9b953a5f6f3f0afcc48392')
0 files changed, 0 insertions, 0 deletions
